portal.tds.net Open in urlscan Pro
132.226.38.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mybendbroadband.com/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-ac...
Effective URL:
https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-ac...
Submission: On August 25 via manual (August 25th 2023, 6:15:40 am UTC) from US — Scanned from CH

Summary HTTP 153 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 39 domains to perform 153 HTTP transactions. The main IP is 132.226.38.239, located in Ashburn, United States and belongs to ORACLE-BMC-31898, US. The main domain is portal.tds.net. The Cisco Umbrella rank of the primary domain is 443350.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 2nd 2022. Valid for: a year.

This is the only time portal.tds.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	129.159.77.31 129.159.77.31	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	132.226.38.239 132.226.38.239	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
20	93.184.222.66 93.184.222.66	15133 (EDGECAST) (EDGECAST)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:249... 2600:9000:2491:5200:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.49 143.204.98.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:e000:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:f76:14f7:d635:25c4:c8d7	15133 (EDGECAST) (EDGECAST)
1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
2	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:7600:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
6	129.80.81.219 129.80.81.219	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
5	2001:470:1f07... 2001:470:1f07:135:e63d:1aff:fe85:29d0	6939 (HURRICANE) (HURRICANE)
1	108.138.17.23 108.138.17.23	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.213.174.162 52.213.174.162	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.247.86.163 104.247.86.163	395558 (GSCOMPUTING) (GSCOMPUTING)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:d29... 2a05:d018:d29:3601:34cf:96f9:2678:f523	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	35.209.232.50 35.209.232.50	19527 (GOOGLE-2) (GOOGLE-2)
1	172.105.13.106 172.105.13.106	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
13	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223d:f800:10:43f:4352:ad61	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
153	54

1 129.159.77.31 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

mybendbroadband.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.38.239 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

portal.tds.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 93.184.222.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

tesseract.imds-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sadlib.imds-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
portal-static.imds-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vam-image.imds-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:5200:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-49.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:e000:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)

contango-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7600:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 129.80.81.219 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
PTR: bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

scs.imds-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
location.imds-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
weather.imds-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:470:1f07:135:e63d:1aff:fe85:29d0 (Brooklyn, United States)

ASN6939 (HURRICANE, US)

api.cloudquote.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-23.fra56.r.cloudfront.net

widgets.financialcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.174.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-174-162.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.247.86.163 (United States)

ASN395558 (GSCOMPUTING, US)

api.newsrpm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:34cf:96f9:2678:f523 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.209.232.50 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 50.232.209.35.bc.googleusercontent.com

www.fdazar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.13.106 (Toronto, Canada)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-13-106.ip.linodeusercontent.com

tracking.newsrpm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:f800:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	imds-cdn.com tesseract.imds-cdn.com — Cisco Umbrella Rank: 135779 sadlib.imds-cdn.com — Cisco Umbrella Rank: 100660 portal-static.imds-cdn.com — Cisco Umbrella Rank: 155065 vam-image.imds-cdn.com — Cisco Umbrella Rank: 117548	526 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	323 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	188 KB
13	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 379	229 KB
10	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2021 wrappers.geoedge.be — Cisco Umbrella Rank: 28460 gw.geoedge.be — Cisco Umbrella Rank: 2394	387 KB
6	imds-api.com scs.imds-api.com — Cisco Umbrella Rank: 130000 location.imds-api.com — Cisco Umbrella Rank: 155237 weather.imds-api.com — Cisco Umbrella Rank: 149941	2 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412 www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 344 aax.amazon-adsystem.com — Cisco Umbrella Rank: 430 s.amazon-adsystem.com — Cisco Umbrella Rank: 320	67 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
5	newsrpm.com api.newsrpm.com tracking.newsrpm.com	5 KB
5	cloudquote.net api.cloudquote.net — Cisco Umbrella Rank: 235627	13 KB
5	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 947 api.btloader.com — Cisco Umbrella Rank: 1059	8 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1331 google-bidout-d.openx.net — Cisco Umbrella Rank: 1336 us-u.openx.net — Cisco Umbrella Rank: 481	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	170 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 435 mug.criteo.com — Cisco Umbrella Rank: 2707	7 KB
3	rubiconproject.com ads.rubiconproject.com — Cisco Umbrella Rank: 2303 fastlane.rubiconproject.com — Cisco Umbrella Rank: 545 eus.rubiconproject.com Failed	27 KB
2	gstatic.com maps.gstatic.com	62 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1077	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 795 id5-sync.com — Cisco Umbrella Rank: 411	27 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 852 bcp.crwdcntrl.net — Cisco Umbrella Rank: 813	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	161 KB
1	fdazar.com www.fdazar.com	452 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 360	265 B
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458	604 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3226	623 B
1	financialcontent.com widgets.financialcontent.com — Cisco Umbrella Rank: 63480	363 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1677	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1478	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1129	9 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1496	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	13 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2018	616 B
1	technoratimedia.com contango-cdn.technoratimedia.com — Cisco Umbrella Rank: 126484	3 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2515	73 KB
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 990	113 KB
1	tds.net portal.tds.net — Cisco Umbrella Rank: 443350	2 KB
1	mybendbroadband.com 1 redirects mybendbroadband.com	365 B
0	vaesite.net Failed pressadvantage.vaesite.net Failed
153	39

	Domain	Requested by
17	tesseract.imds-cdn.com	portal.tds.net tesseract.imds-cdn.com rumcdn.geoedge.be
13	maps.googleapis.com	www.google.com maps.googleapis.com
12	tpc.googlesyndication.com	rumcdn.geoedge.be
9	securepubads.g.doubleclick.net	sadlib.imds-cdn.com rumcdn.geoedge.be securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com rumcdn.geoedge.be
5	www.google.com	widgets.financialcontent.com rumcdn.geoedge.be
5	api.cloudquote.net	tesseract.imds-cdn.com
5	rumcdn.geoedge.be	sadlib.imds-cdn.com rumcdn.geoedge.be portal.tds.net
4	gw.geoedge.be	rumcdn.geoedge.be
4	cm.g.doubleclick.net	3 redirects google-bidout-d.openx.net
4	api.newsrpm.com	widgets.financialcontent.com
4	region1.google-analytics.com	www.googletagmanager.com
3	www.googletagservices.com	rumcdn.geoedge.be
3	weather.imds-api.com	tesseract.imds-cdn.com
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	sadlib.imds-cdn.com c.amazon-adsystem.com
2	maps.gstatic.com	www.google.com
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	www.google-analytics.com	widgets.financialcontent.com www.google-analytics.com
2	ad-delivery.net	portal.tds.net
2	gum.criteo.com	1 redirects rumcdn.geoedge.be
2	oajs.openx.net	1 redirects portal.tds.net
2	scs.imds-api.com	tesseract.imds-cdn.com
2	fastlane.rubiconproject.com	ads.rubiconproject.com
2	btloader.com	1 redirects portal.tds.net
2	www.googletagmanager.com	rumcdn.geoedge.be www.google-analytics.com
1	cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tracking.newsrpm.com
1	www.fdazar.com
1	us-u.openx.net	google-bidout-d.openx.net
1	match.adsrvr.org	google-bidout-d.openx.net
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	google-bidout-d.openx.net	rumcdn.geoedge.be
1	mug.criteo.com	portal.tds.net
1	ad.doubleclick.net	portal.tds.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	location.imds-api.com	tesseract.imds-cdn.com
1	vam-image.imds-cdn.com	portal.tds.net
1	portal-static.imds-cdn.com	portal.tds.net
1	widgets.financialcontent.com	rumcdn.geoedge.be
1	cdn.prod.uidapi.com	rumcdn.geoedge.be
1	cdn.id5-sync.com	rumcdn.geoedge.be
1	invstatic101.creativecdn.com	rumcdn.geoedge.be
1	tags.crwdcntrl.net	rumcdn.geoedge.be
1	cdn.jsdelivr.net	rumcdn.geoedge.be
1	cdn-ima.33across.com	rumcdn.geoedge.be
1	oa.openxcdn.net	rumcdn.geoedge.be
1	static.criteo.net	rumcdn.geoedge.be
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	geo.privacymanager.io	ats.rlcdn.com
1	ads.rubiconproject.com	sadlib.imds-cdn.com
1	contango-cdn.technoratimedia.com	sadlib.imds-cdn.com
1	wrappers.geoedge.be	sadlib.imds-cdn.com
1	ats.rlcdn.com	sadlib.imds-cdn.com
1	sadlib.imds-cdn.com
1	cdn.taboola.com
1	portal.tds.net
1	mybendbroadband.com	1 redirects
0	eus.rubiconproject.com Failed	ads.rubiconproject.com
0	pressadvantage.vaesite.net Failed
153	62

This site contains links to these domains. Also see Links.

Domain
www.accuweather.com
tdstelecom.com
css.tds.net
amzn.to
www.tdsbusiness.com
my.tdstelecom.com

Subject Issuer	Validity	Valid
portal.tds.net Entrust Certification Authority - L1K	`2022-11-02` - `2023-11-02`	a year	crt.sh
*.imds-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-07` - `2023-09-22`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.technoratimedia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.imds-api.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-07` - `2023-09-19`	a year	crt.sh
*.cloudquote.net Sectigo RSA Domain Validation Secure Server CA	`2023-04-25` - `2024-05-25`	a year	crt.sh
financialcontent.com Amazon RSA 2048 M02	`2023-03-07` - `2024-04-04`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.newsrpm.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-24` - `2023-12-17`	8 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
fdazar.com R3	`2023-07-16` - `2023-10-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Frame ID: B23086113EA499DE5A33BE15DD8A98E4
Requests: 93 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portal.tds.net&us_privacy=1---
Frame ID: 7309E38304818C04F658B3D44E94C959
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B6311F07CE2399ADD892F50247A188C0
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d12282.946277209896!2d-104.81982!3d39.67814!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xc4a24ba3ecef4b6a!2sFranklin%20D.%20Azar%20%26%20Associates%2C%20P.C.!5e0!3m2!1sen!2sus!4v1636565553839!5m2!1sen!2sus
Frame ID: 413E8BE86208D63434E1A92D0E10D27D
Requests: 16 HTTP requests in this frame

Frame: https://cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B86B9A41203DB1DC3BBC4909B8080755
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: 5251994C3A00DDE0E88DC4246C21E837
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: 40B9694F709D25D6994CAC7B3003CF65
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Frame ID: E8B872DD56D880B4C051ADC6E3BCABE2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2DE4236E771FA31739B60B577CE4865E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD137BDB8E3D2B362ECE9A874A14ED53
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Frame ID: 7611BDA85CBC849171F7C20D9D82F063
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Natalie Brown Wins the CTLA's Lifetime Achievement Award, Cementing Her Reputation as One of the Best Lawyers in America

Page URL History Show full URLs

http://mybendbroadband.com/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-t... HTTP 301
https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-t... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

153
Requests

92 %
HTTPS

46 %
IPv6

39
Domains

62
Subdomains

54
IPs

8
Countries

3281 kB
Transfer

8621 kB
Size

30
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.accuweather.com/de/us/buffalo-ny/14202/current-weather/349726?partner=web_imds_tds_adc
Title: 71°Buffalo, NY

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/LP/shop-tds.html
Title: Shop TDS

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/support/outage.html
Title: Outage Info

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/LP/manage-account.html
Title: My Account

Search URL Search Domain Scan URL

URL: https://css.tds.net/auth/route/check-email/
Title: Email

Search URL Search Domain Scan URL

URL: https://amzn.to/2RAyWcs

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/LP/pay-bill.html
Title: Pay Bill

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/LP/contact-us-portal.html
Title: Contact TDS

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/LP/help-and-support.html
Title: Help & Support

Search URL Search Domain Scan URL

URL: http://tdstelecom.com/LP/pay-bill.html
Title: Pay Bill

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/policies/terms-of-service.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/
Title: Shop TDS Residential Services

Search URL Search Domain Scan URL

URL: http://tdstelecom.com/LP/my-account-portal.html
Title: My Account

Search URL Search Domain Scan URL

URL: https://tdstelecom.com/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: http://www.tdsbusiness.com/
Title: Shop TDS Business Services

Search URL Search Domain Scan URL

URL: http://tdstelecom.com/about.html
Title: About Us

Search URL Search Domain Scan URL

URL: http://my.tdstelecom.com/subscribe/
Title: Email Updates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mybendbroadband.com/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america HTTP 301
https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://btloader.com/tag?aax_id=AAXOTQM53&upapi=true HTTP 302
https://btloader.com/tag?o=5090917147475968&upapi=true

Request Chain 56

https://oajs.openx.net/esp?url=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&rid=esp&cc=1

Request Chain 65

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tds.net&sn=ChromeSyncframe&so=0&topUrl=portal.tds.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=WPJ30nwyR1JMblBWd3VveWloVzg3Q0tVVXNPZUVQNGdHRDZRTlZjOWlLQlZVT1NpOTVONzVvNGI5eUthcitySzMxOG0wY3g0R0FHR2thblNTUW9IVldNUWpPNEt3SGVvQ0REUVhOaVh4bXZNOTNSMzJ2Q1drMVROWHNtaGp2eGVrR2U3ZkhNRnQxQW5CQmZ6NEluWXRPajllNXVHRjBQNGRVTGxzWlZwaGpWZTRBL0J1OE5HaVR0WFlEZjhSUFZQamdnb0VnT2YrbFBTYzhhRmRJL2MrbVh3WmJYeTFCWjV3UVlZdHFoNTI3VEdiZTVSeTNtMTV5bmZlSSsxK3hZWFN0VlZXVUphRkNCU3JKYnpoY1FqZG5PZkdHQT09fA&cppv=2

Request Chain 79

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=31a9ff8b-4071-c5c1-3016-3005ea1ab07d HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=31a9ff8b-4071-c5c1-3016-3005ea1ab07d&dcc=t

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUxMDUwM2MtOTVhYy0yMDlmLWU1ZjgtZTgyYjQ4Y2JiNWZk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUxMDUwM2MtOTVhYy0yMDlmLWU1ZjgtZTgyYjQ4Y2JiNWZk&google_tc=

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEED6iDV0VhkqiVr7I22OksQ&google_cver=1

153 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Show response
portal.tds.net/finance/category/press/article/
Redirect Chain

http://mybendbroadband.com/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-ame...
https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america

6 KB
2 KB

475ms
119ms

Document
text/html

132.226.38.239
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.38.239 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 28628a13be1509234addcd69afcc0ae7e60cf6d29bd017abdb77abfca7c781c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 1957
content-type: text/html; charset=utf-8
date: Fri, 25 Aug 2023 06:15:34 GMT
link: <https://tesseract.imds-cdn.com/tesseract.js>; rel=preload; as=script <https://cdn.taboola.com/libtrc/synacor-network1/loader.js>; rel=preload; as=script <https://sadlib.imds-cdn.com/client/synacor/synacor.js>; rel=preload; as=script
server: nginx
vary: Accept-Encoding, User-Agent
via: 1.1 varnish
x-varnish: 521278602

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 25 Aug 2023 06:15:33 GMT
Location: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Server: nginx

GET
H2 200 tesseract.js Show response
tesseract.imds-cdn.com/ 142 KB
35 KB 306ms
210ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/tesseract.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: a66f556390740e2fbc9bc7dd83d2b543bbc2c54cb239e592b88d4dacd3c59fe5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "236ed-6030ed0c104c0+gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
content-length: 35264
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/synacor-network1/ 683 KB
113 KB 285ms
232ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/synacor-network1/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e200859012d9843456e0f56fe9e429adbc31397f3421c73ebc3a1c1fbcec293b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TT13TkUbp4f6nOfIG4YECUGgCSSB2jJN
content-encoding: gzip
via: 1.1 varnish
date: Fri, 25 Aug 2023 06:15:34 GMT
x-amz-request-id: 0TF57JAH166JG0HE
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 114747
x-amz-id-2: YmG6XNi9Q1d+UBJJvW58tMR5JcmUUOb/65s7Vy0ZoO35wkfcXZBx7FCzzFFFjQb6/Ye8x98L0C0=
x-served-by: cache-mxp6968-MXP
last-modified: Thu, 24 Aug 2023 10:32:02 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692944134.148995,VS0,VE211
etag: "56e9f7752c53dd6c9a38989e0638bed9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 synacor.js Show response
sadlib.imds-cdn.com/client/synacor/ 625 KB
160 KB 278ms
207ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: efed5f1fba8d90b12413c041f7226236d1490ad3ec5dc31dda20b106b7ed9105

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 20:31:27 GMT
server: Apache
etag: "9c305-6033869b845c0+gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
content-length: 163576
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 tdstelecom.tesseract.css
tesseract.imds-cdn.com/ 9 KB
2 KB 319ms
226ms Stylesheet
text/css 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: dc8274d027c500c43f9b88ac304488253cc145016079d0cdb1a55d6e4597943d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "2372-6030ed0c104c0+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
content-length: 2467
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 142ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59de363ff589bec5dddba81d0c4ff4384a43b686c80d5a1e69f6045951c4c9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29178
x-xss-protection: 0
server: cafe
etag: 312 / 19594 / m202308210101 / config-hash: 11948005394286062217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 06:15:34 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 248 KB
61 KB 79ms
24ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 05:17:16 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 3498
x-amz-server-side-encryption: AES256
etag: W/"761fb227b5d9333f86d2e976465cc3f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: mU2WQ99HkEYqROPqhqdW7ZfSzIkf4CkLa__vvQuDnk2RU1VEh4B7Yg==

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ 14 KB
6 KB 93ms
24ms Script
application/javascript 2600:9000:2491:5200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Requested by: Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:02:45 GMT
x-amz-version-id: bZ3UZGca0o16G8AgF07kMGCHzNrdrws8
content-encoding: br
last-modified: Thu, 24 Aug 2023 09:34:49 GMT
server: AmazonS3
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"dbb50c1d59c31f0ccd09001e145c285f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 770
x-amz-cf-id: 6mnUnvUr1rZYIvoAJueYxd7K0RMiwdjXDNSFZqnPESVC1gqR0bgWHg==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
73 KB 79ms
24ms Script
text/javascript 143.204.98.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-49.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: br
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
date: Fri, 25 Aug 2023 05:29:02 GMT
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2793
x-amz-server-side-encryption: AES256
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: PQvMwKQ92nsgXynOOJ8hXCobrB_aziX2fljfxHasdzIxNFWPNNVQDw==

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 99ms
22ms XHR
text/html 2600:9000:2240:e000:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e000:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Thu, 24 Aug 2023 19:53:58 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 37297
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: RmWF4ffamk2iXoYLw47gKVHFnZ8cGvSqv3kxrboe-69TH18hiOF_IA==

GET
H2 200 sellers.json Show response
contango-cdn.technoratimedia.com/ 12 KB
3 KB 3818ms
3730ms XHR
application/json 2606:2800:233:f76:14f7:d635:25c4:c8d7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://contango-cdn.technoratimedia.com/sellers.json
Requested by: Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3378) / Express
Resource Hash: ea4020fe1a3994f9b537477ac8179eb2208a86167475b67d6c9fe9e223d5eb37

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:38 GMT
content-encoding: gzip
server: ECAcc (muc/3378)
etag: W/"3168-UXYwgUPeF6FuR/fWYEwycasN1ao"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=900

GET
H2 200 13344.js Show response
ads.rubiconproject.com/header/ 81 KB
25 KB 105ms
51ms Script
application/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/header/13344.js
Requested by: Host: sadlib.imds-cdn.com
URL: https://sadlib.imds-cdn.com/client/synacor/synacor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 718c040d5ad20d9864af9337cda69f0d694a87bd58ea5b5df5e4a4ac61bb3f0f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 17:57:36 GMT
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 25737
expires: Fri, 25 Aug 2023 06:15:34 GMT

GET
H2 200 tdstelecom-config-json.77a9201f.chunk.js Show response
tesseract.imds-cdn.com/config/ 49 KB
15 KB 31ms
30ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/config/tdstelecom-config-json.77a9201f.chunk.js
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/tesseract.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/333B) /
Resource Hash: 1fba6e63f5de41d8a857a9e267acc31befb6f72b15bedfc6e6fdbce11116b233

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: ECAcc (muc/333B)
age: 118245
etag: "c5f7-6030ed0c104c0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
content-length: 14922
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ 319 KB
94 KB 27ms
27ms Script
text/javascript 2600:9000:2491:5200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23ef9bcfc9402e2c22a001966d3e2c64f0acf40329fe4683f9ae82ab7aa9c4c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:02:46 GMT
x-amz-version-id: p5nu_SUvbh5i7mpqKHu9c3zw02A7opEs
content-encoding: br
last-modified: Fri, 25 Aug 2023 05:27:56 GMT
server: AmazonS3
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"8bedbfb5e3d461abb176e9d43730a516"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 769
x-amz-cf-id: kCVDIdLRtxV5GSsBkJHsI8ZoGT7A9DfQFJLXGXXDCiP1oYUnrKBpEQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 85ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M2JVV7T6GC

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ca709f36534450e8e3fe62e77fe0ed06d9284d699bdd846c253301627ec8f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83416
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 06:15:34 GMT

GET
H2 200 tdstelecom.9023.css
tesseract.imds-cdn.com/ 53 KB
7 KB 216ms
216ms Stylesheet
text/css 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/tdstelecom.9023.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 06b14f3f2d6604c9bf4e1bad482728f29a90519fe9ba768e8d351a13d3f181ea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "d535-6030ed0c104c0+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
content-length: 6758
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 9023.dc1db8ca.chunk.js Show response
tesseract.imds-cdn.com/ 38 KB
10 KB 31ms
30ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/9023.dc1db8ca.chunk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3310) /
Resource Hash: a0c11e71230e3765d4ba258a6ab9d6b9ec040cd045c3e29775b2c885e1947041

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:46 GMT
server: ECAcc (muc/3310)
age: 122169
etag: "9876-6030ed0b1c280+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
content-length: 9750
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 tdstelecom.2458.css
tesseract.imds-cdn.com/ 75 KB
9 KB 219ms
218ms Stylesheet
text/css 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/tdstelecom.2458.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: f45c228fb662ea29234c9fd33a73ebfe5ef856039db28e7f28d0c5c311111897

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "12c6c-6030ed0c104c0+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
content-length: 9641
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 2458.9dc0c00c.chunk.js Show response
tesseract.imds-cdn.com/ 146 KB
37 KB 28ms
27ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/2458.9dc0c00c.chunk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/332D) /
Resource Hash: 71595007e1eccbe8d736bad96c94cc5940ee2fb68769125850a99e5ea2220bd1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:46 GMT
server: ECAcc (muc/332D)
age: 122169
etag: "247f5-6030ed0b1c280+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
content-length: 38204
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 1445.db40b093.chunk.js Show response
tesseract.imds-cdn.com/ 70 KB
21 KB 32ms
31ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/1445.db40b093.chunk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/331D) /
Resource Hash: e45f0890e8bb69a56be8f844f29520392eb6ed9590fd5b4437493949f2f7965d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 16:51:35 GMT
server: ECAcc (muc/331D)
age: 726426
etag: "1175c-602a88686b3c0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
content-length: 21226
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 tdstelecom.6206.css
tesseract.imds-cdn.com/ 88 KB
9 KB 218ms
217ms Stylesheet
text/css 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/tdstelecom.6206.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: b69971baf4c50aa7ce898f43aa67018145a508dffb0cb111c6343a1e81de01f0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "1600d-6030ed0c104c0+gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
content-length: 9162
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 6206.327e01b9.chunk.js Show response
tesseract.imds-cdn.com/ 250 KB
70 KB 49ms
48ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/6206.327e01b9.chunk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3330) /
Resource Hash: 10f138bb7bff8e151c40946b049385cef935cfc25c3220f9dbeeb59d4445cf2b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 18:53:46 GMT
server: ECAcc (muc/3330)
age: 122169
etag: "3e61c-6030ed0b1c280+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
content-length: 71561
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 tdstelecom.singlecube-finance-press.css
tesseract.imds-cdn.com/widgets/ 1 KB
1 KB 213ms
212ms Stylesheet
text/css 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/widgets/tdstelecom.singlecube-finance-press.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 8d9f1fe9f00b89c205ba6ace314efe77c60535feb7ae23c5e58a0aad61ab6c10

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "41b-6030ed0c104c0"
content-type: text/css
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=300
accept-ranges: bytes
content-length: 1051
expires: Fri, 25 Aug 2023 06:20:34 GMT

GET
H2 200 singlecube-finance-press.1ba7b8e1.chunk.js Show response
tesseract.imds-cdn.com/widgets/ 7 KB
7 KB 217ms
217ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/widgets/singlecube-finance-press.1ba7b8e1.chunk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 312a53c21c5ceac1529170fa13c84bfd18e2ae5bbd271cdc36a0934585b36ad1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
last-modified: Wed, 16 Aug 2023 18:53:47 GMT
server: Apache
etag: "1b49-6030ed0c104c0"
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6985
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 roboto-regular_3bd3a.woff
tesseract.imds-cdn.com/assets/ 18 KB
19 KB 73ms
28ms Font
application/font-woff 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/assets/roboto-regular_3bd3a.woff
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3325) /
Resource Hash: 8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17

Request headers

Referer: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Origin: https://portal.tds.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
last-modified: Wed, 02 Aug 2023 13:50:43 GMT
server: ECAcc (muc/3325)
age: 1273266
etag: "49d8-601f0f31ff2c0"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18904
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 62ms
21ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 09:22:27 GMT
x-amz-cf-pop: FRA56-P3
age: 75188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: tkpTyd6pITVsUELuDUrkKNXBWD5yv8dbQhb9IFJT3ILxkMZuMn338w==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 611 B
967 B 26ms
26ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fportal.tds.net&pubid=fa06da55-7aca-4111-be89-a65f83330498
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c049c091f530de41446488ef6768fc1ab7b5f330dcd289203e256a9806e922be

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 04:04:34 GMT
via: 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 7860
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://portal.tds.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 611
x-amz-cf-id: JUWefj1VZ_llKl_RvXYtfGF4H6Akk9u6NPopZ78HtTAwV6F1HTBt3Q==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
616 B 79ms
21ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 2081db546970ec8e804cf7f13ca596212cd96a8c934e0127a2c4196e54b6bb26

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 03:08:08 GMT
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 11246
x-amzn-requestid: e9b98f01-83a5-4516-822b-9a05151f987a
x-amzn-trace-id: Root=1-64e81b18-49d5ab3533fbe5c25e8123db;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: KMkr6FnvDoEF94g=
content-length: 30
x-amz-cf-id: -Ljdcp89YGipizqE5wAyD3s0AJFWMpiaIJ9aMAhV2zgs5q0MlEjtOg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?aax_id=AAXOTQM53&upapi=true
https://btloader.com/tag?o=5090917147475968&upapi=true

17 KB
8 KB

147ms
147ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5090917147475968&upapi=true
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e26b7075301f62265adb988b534ea57ce8009f2155c8af032ce0f6f7630c99

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 25 Aug 2023 06:11:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"23194641a60f7623ac693c65755a0fda"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMLOr2IIqtUatoMqtV7eYL6HPy5bPVJ%2FIkq7afLe4LTSoTF3JKoDAVpXaG0aIoJTno9nE1XFCFFMkwdKQtAJijSiQExUoAXW8z2kXDC8HKjMlM2oizUes49uZz71fTBYXN88AelPQiVmZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7fc1b38bbc2bbae7-MXP

Redirect headers

date: Fri, 25 Aug 2023 06:15:34 GMT
via: 1.1 google
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGZXTs8qwwQQtkcdZL8h3VgdyQoicZVWq5iJGveeqpGkalbHaTqcTgStw6xqsXQ8ZeZjRDDQXqs3PT4idOjTidnQeAHFP6DfdN%2Fa6RUviyp16ZGWQSXERb80xWFe4iI0eU6ggwVv3F46%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5090917147475968&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7fc1b389da90bae7-MXP

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/ 403 KB
127 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18668
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129841
x-xss-protection: 0
server: cafe
etag: 17107103858499901094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 24 Aug 2024 01:04:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 92ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M2JVV7T6GC&gtm=45je38n0&_p=1304353236&cid=1314041049.1692944135&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692944134&sct=1&seg=0&dl=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&dt=Finance%20Press%20-%20TDS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M2JVV7T6GC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 151ms
65ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&pid=GRw24wQp4Inys&cb=0&ws=1600x1200&v=23.821.1806&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-atf_finance_masthead%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F5284%2C22708829342%2Fsyn.tds%2Fatf%2Ffinance%2Fmasthead%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-atf_finance_main%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5284%2C22708829342%2Fsyn.tds%2Fatf%2Ffinance%2Fmain%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-btf_finance_main%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5284%2C22708829342%2Fsyn.tds%2Fbtf%2Ffinance%2Fmain%22%7D%5D&gpp=DBABTA~1---&pubid=fa06da55-7aca-4111-be89-a65f83330498&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: VFZN5982H2W1CQ7ZRTF3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://portal.tds.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2Kr8A3Be56KQUV1YF_W_CdF3czjqdP99qHyV5BrwnmroAFY9YH2aTg==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
819 B 108ms
29ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13344&size_id=15&p_pos=atf&rf=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&kw=rp.fastlane&tg_i.domain=portal.tds.net&tg_fl.eid=div-gpt-ad-atf_finance_main&tg_fl.uname=%2F5284%2C22708829342%2Fsyn.tds%2Fatf%2Ffinance%2Fmain&tg_fl.pr_acctid=13344&tk_flint=plain&x_source.tid=c90d57c0-5750-4f8e-aa40-0e468c62bb16&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.40799142076387773
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: dda79224fd4830f612e505345baa1282c4ec31caa77647044aa4183b8aca342c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 308
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
646 B 111ms
32ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13344&size_id=15&p_pos=btf&rf=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&kw=rp.fastlane&tg_i.domain=portal.tds.net&tg_fl.eid=div-gpt-ad-btf_finance_main&tg_fl.uname=%2F5284%2C22708829342%2Fsyn.tds%2Fbtf%2Ffinance%2Fmain&tg_fl.pr_acctid=13344&tk_flint=plain&x_source.tid=c90d57c0-5750-4f8e-aa40-0e468c62bb16&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rand=0.798573824012581
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/header/13344.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ffe4f3d33edef090e999754eef7d35fb78fbbde27a6507e930f9291b9435d9f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 308
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 147ms
72ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Aug 2023 06:15:34 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 55ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 01:52:32 GMT
content-encoding: gzip
age: 2348582
x-guploader-uploadid: ADPycduRLBk-T_3U5uEhH-TjmHJ4Z4e4qKJXvaOj8rpeZs24g_jxQ5nxPUQCCxxvoVTGC-Y1Sr3vNA-n_qC49OCM4t-TyTtFcOhU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 28 Jul 2024 01:52:32 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 99ms
47ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 49262
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7fc1b38ac9ae24c4-ZRH
expires: Mon, 28 Aug 2023 06:15:34 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 73ms
32ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 714
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbOV3AcvyWETwVK%2BsTyv95Ir5SYzMYYB86wvkUR4jEkCjViysVLuAQzRhuPdg86vLgUHH2UtbvQpFxg4exupUjbWwmcyWlOqwVLzcaPh%2F9fC9L3GV3JDkFDealceeZey8WtUC6eAuW5%2FU939SgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7fc1b38aab0224c6-ZRH

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 81ms
22ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 15:55:11 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 51624
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: QFmlfxeZOv6dSksn8NyAT_pCR-Xatuctn9h6eCvu2BMqvNSfjNOwOg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 93ms
37ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 064938fd1c156aedf52bafc979a2a283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
27 KB 80ms
25ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: PZWZRGMGZGC1FZZC
age: 6
x-amz-server-side-encryption: AES256
x-amz-id-2: S58JdPqukaHa1PfPpov4GyEz83dr63BKbaJmuhDvlOSU38dLMdr4IM2RoJbb53yBIZS0UEGIoH8=
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fc1b38acf7a0e77-MXP
expires: Fri, 25 Aug 2023 07:15:34 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 83ms
23ms Script
text/javascript 2600:9000:2250:7600:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7600:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 25 Aug 2023 05:08:18 GMT
Via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 4037
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 7u-Mec2RJsu0uSXOA97KCB_nItj7fQjg6m1_SxBfvQenkrJBOD420A==

OPTIONS
H2 204 /
scs.imds-api.com/feeds/id/gen4_sc_special_title/ Frame 0
0 440ms
117ms Preflight 129.80.81.219
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://scs.imds-api.com/feeds/id/gen4_sc_special_title/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

129.80.81.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: site
Access-Control-Request-Method: GET
Origin: https://portal.tds.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: authorization, site
access-control-allow-methods: GET
access-control-allow-origin: https://portal.tds.net
age: 3154
cache-control: max-age=3600, public
date: Fri, 25 Aug 2023 06:15:35 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-timer: -0.000
x-varnish: 67989984 68044751

GET
H2 200 / Show response
scs.imds-api.com/feeds/id/gen4_sc_special_title/ 189 B
489 B 117ms
117ms Fetch
application/hal+json 129.80.81.219
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://scs.imds-api.com/feeds/id/gen4_sc_special_title/

Requested by

Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/2458.9dc0c00c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

129.80.81.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

Software

nginx /

Resource Hash

fd2ab4fd8d6e1cb9dffef21dab155f61d943816c9753bdcc48e2852d1ca970f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portal.tds.net/
Accept-Language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
site: tdstelecom-gen4

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 varnish
strict-transport-security: max-age=15768000
server: nginx
age: 17
x-timer: -0.000
vary: Accept,Accept-Encoding,Content-Type,Origin,Site,Authorization
x-varnish: 45474759 69174575
access-control-allow-origin: https://portal.tds.net
content-type: application/hal+json
cache-control: max-age=60, public, x-grace=900
accept-ranges: bytes
content-length: 189

GET
H/1.1 200
OK sortedSecurityList.json Show response
api.cloudquote.net/fcon/ 16 KB
4 KB 373ms
110ms Fetch
application/json 2001:470:1f07:135:e63d:1aff:fe85:29d0
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cloudquote.net/fcon/sortedSecurityList.json?type=STOCK&list=%2BdollarVolume&filter=MAJORCOMPANIES&limit=10
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/6206.327e01b9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:470:1f07:135:e63d:1aff:fe85:29d0 Brooklyn, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: / Express
Resource Hash: 43a6162a627badafa6ba0a6bcee4a8eb32bf90603d11eb793a1ae415d1c281c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"3f92-Du7msDmOmQLeB6kySC1ZZiCToGU"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
keep-alive: timeout=5

GET
H/1.1 200
OK sortedSecurityList.json Show response
api.cloudquote.net/fcon/ 8 KB
2 KB 369ms
107ms Fetch
application/json 2001:470:1f07:135:e63d:1aff:fe85:29d0
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cloudquote.net/fcon/sortedSecurityList.json?type=STOCK&list=%2BdollarVolume&filter=MAJORCOMPANIES&limit=5
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/6206.327e01b9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:470:1f07:135:e63d:1aff:fe85:29d0 Brooklyn, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: / Express
Resource Hash: 09bf22d9b6f0c0e543f7ff362eda8f74a3f8138c4f5f9320fc75b110bf5fbfa8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"207b-Q8EC5RtocKFZNBDCSDe40r/4UJ8"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
keep-alive: timeout=5

GET
H/1.1 200
OK sortedSecurityList.json Show response
api.cloudquote.net/fcon/ 7 KB
2 KB 370ms
105ms Fetch
application/json 2001:470:1f07:135:e63d:1aff:fe85:29d0
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cloudquote.net/fcon/sortedSecurityList.json?type=STOCK&list=%2BpercentChange&filter=MAJORCOMPANIES&limit=5
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/6206.327e01b9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:470:1f07:135:e63d:1aff:fe85:29d0 Brooklyn, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: / Express
Resource Hash: 03b6e27a1c6c6a78fb6f01888648b73e0831e0dcd944332194d982b48e41bf4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"1c8e-WyCykzuYZToUNBFI9Sf5aVqSNE8"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
keep-alive: timeout=5

GET
H/1.1 200
OK sortedSecurityList.json Show response
api.cloudquote.net/fcon/ 8 KB
2 KB 371ms
106ms Fetch
application/json 2001:470:1f07:135:e63d:1aff:fe85:29d0
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cloudquote.net/fcon/sortedSecurityList.json?type=STOCK&list=%2Bpopularity&filter=MAJORCOMPANIES&limit=5
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/6206.327e01b9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:470:1f07:135:e63d:1aff:fe85:29d0 Brooklyn, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: / Express
Resource Hash: 42f4a25061750f158c23db32835a589b06a00c3b16115e0663e6a2afb6aa063f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"207d-SHXUzOT5gEfkirky3vxW65X/Ofk"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
keep-alive: timeout=5

GET
H/1.1 200
OK sortedSecurityList.json Show response
api.cloudquote.net/fcon/ 7 KB
2 KB 371ms
106ms Fetch
application/json 2001:470:1f07:135:e63d:1aff:fe85:29d0
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cloudquote.net/fcon/sortedSecurityList.json?type=STOCK&list=-percentChange&filter=MAJORCOMPANIES&limit=5
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/6206.327e01b9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:470:1f07:135:e63d:1aff:fe85:29d0 Brooklyn, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: / Express
Resource Hash: 7189aec9c7abca85f7f5aa079d9e38e5a7b59d68472faca29f98cead2d40cbc0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"1da7-R8vEOGX5kPgz/a9VyDxVZ+U1uRY"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
keep-alive: timeout=5

GET
H2 200 roboto-medium_f191d.woff
tesseract.imds-cdn.com/assets/ 19 KB
19 KB 30ms
29ms Font
application/font-woff 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/assets/roboto-medium_f191d.woff
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/337C) /
Resource Hash: 69c1738b42e57aa31f032ddb1c73bff2c852c92a37f346fc785c7a02397c62e8

Request headers

Referer: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Origin: https://portal.tds.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
last-modified: Thu, 06 Apr 2023 22:12:31 GMT
server: ECAcc (muc/337C)
age: 11216984
etag: "4a94-5f8b2346d51c0"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19092
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 cube-icons_9e0cc.ttf
tesseract.imds-cdn.com/assets/ 13 KB
13 KB 30ms
30ms Font
application/font-sfnt 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/assets/cube-icons_9e0cc.ttf
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3330) /
Resource Hash: 2d44a7791cb03d9a54bded6c789e9daa6377f72023749a9349a1a23be6a82838

Request headers

Referer: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Origin: https://portal.tds.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
last-modified: Fri, 26 May 2023 20:11:29 GMT
server: ECAcc (muc/3330)
age: 7364218
etag: "34b4-5fc9e57a4be40"
x-cache: HIT
content-type: application/font-sfnt
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13492
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 roboto-black_7fa99.woff
tesseract.imds-cdn.com/assets/ 72 KB
72 KB 31ms
31ms Font
application/font-woff 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/assets/roboto-black_7fa99.woff
Requested by: Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3366) /
Resource Hash: de72b9b6354519f6f266d8672cb520a8d15e9b7102efc4514c8a6eda2ee56f6f

Request headers

Referer: https://tesseract.imds-cdn.com/tdstelecom.tesseract.css
Origin: https://portal.tds.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:34 GMT
last-modified: Fri, 14 Apr 2023 20:59:43 GMT
server: ECAcc (muc/3366)
age: 11010332
etag: "11e24-5f9521ecdedc0"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 73252
expires: Sat, 24 Aug 2024 06:15:34 GMT

GET
H2 200 pressreleases.js Show response
widgets.financialcontent.com/synacor/ 363 KB
363 KB 479ms
416ms Script
application/javascript 108.138.17.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.financialcontent.com/synacor/pressreleases.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-23.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1dbf1ec3ce4090c8224ef4b609cebda9357c6eeb9e8aaca0099da79f5aff686

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:36 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 15:46:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
etag: "6af59878c7ebc510b8894fa44510d893"
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=60
accept-ranges: bytes
content-length: 371276
x-amz-cf-id: uwribEo5W9oqmHGqkj8-wsYB5ZRfWmL_5oxosIPLva-7KbtnYu2MYA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 39ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M2JVV7T6GC&gtm=45je38n0&_p=1304353236&cid=1314041049.1692944135&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692944134&sct=1&seg=0&dl=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&dt=Finance%20Press%20-%20TDS&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M2JVV7T6GC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 light_lg.png
portal-static.imds-cdn.com/images/tdstelecom-gen4/logos/ 7 KB
7 KB 231ms
216ms Image
image/png 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal-static.imds-cdn.com/images/tdstelecom-gen4/logos/light_lg.png
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Apache /
Resource Hash: 7a8f42d63407717253fe4ba8586d943ab02df1727c79eff3631e011a75b0e31d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
last-modified: Fri, 11 Aug 2023 16:36:52 GMT
server: Apache
etag: "1ae4-602a851e53100"
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6884
expires: Sat, 26 Aug 2023 06:15:35 GMT

GET
H2 200 40e42d121eb5fa83c2e4676f68a646b0598179c2
vam-image.imds-cdn.com/40/e4/ 892 B
1 KB 46ms
29ms Image
image/webp 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vam-image.imds-cdn.com/40/e4/40e42d121eb5fa83c2e4676f68a646b0598179c2
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/332C) /
Resource Hash: 72675b1843411950d6200e3a025803b0433770f4782a21839f820a2c1515a308

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
last-modified: Fri, 26 Aug 2022 18:44:26 GMT
server: ECAcc (muc/332C)
age: 31404669
x-cache: HIT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
access-control-allow-origin: *
content-type: image/webp
cache-control: max-age=365000000, immutable
accept-ranges: bytes
content-length: 892

GET
H2 404 / Show response
location.imds-api.com/ip/ 101 B
345 B 373ms
119ms Fetch
application/hal+json 129.80.81.219
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://location.imds-api.com/ip/?fields=verbose

Requested by

Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/2458.9dc0c00c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

129.80.81.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

Software

nginx /

Resource Hash

f4645368232bbdb526bd07d4e92069248c4988a5b494462367be07364a0afdca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=15768000
server: nginx
age: 0
x-timer: 0.002
vary: Accept-Encoding, Origin
x-varnish: 67549788
access-control-allow-origin: https://portal.tds.net
content-type: application/hal+json
content-length: 114

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-r...
https://oajs.openx.net/esp?url=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-r...

85 B
203 B

131ms
130ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&rid=esp&cc=1
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e190deb58c6cf3cb9ca56144038b79ee7a2bdcf360f8902f6dbf86e4652073de

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-MgEjkaRomQf3yCyzJUC9QNnOquU"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portal.tds.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://portal.tds.net
location: /esp?url=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 349 B
623 B 79ms
38ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2218f03e4d554019dde3507e191333b5c906b9f4fb86ea9b459f1fa2ba0800d3

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 135a616568b11e23a80572ac27ffd79a
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 71ms
21ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://portal.tds.net
date: Fri, 25 Aug 2023 06:15:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7309 15 KB
6 KB 114ms
39ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portal.tds.net&us_privacy=1---

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://portal.tds.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 06:15:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 273842
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
693 B 145ms
52ms XHR
application/json 52.213.174.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.174.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f87e7f769858b5961c941c0c1bab0cb6ae295f5c44f629e42d06499120bbd7af

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache
x-server: 10.45.16.186
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 179ms
130ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXOTQM53&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
865 B 71ms
23ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2236484
x-guploader-uploadid: ADPycdt_NsUfm1siC3v9eBr9V8DL4_jZkXaL_ZolZmm7QxxbDCDp1dS_zqEX4ML8z2t1rW1sXrmVQ1D1SYi5qLlS_jnXFobIR7E-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WEc7Ps7Qk0bsBlykeNsHqXKxThneAUWpeO5UEKeWme20maDHQIv2L2fgOL%2FrbBl0wd%2FOtE8SoevDoV5049aTMqgsv45rF%2FTZXiDJ4G3kd5X7bgsta%2FH1M61R4U32oS4QseRpWB1PvKssy6pVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7fc1b38cfa510e8b-MXP
expires: Sun, 30 Jul 2023 10:00:51 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
570 B 77ms
21ms Image
image/x-icon 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 05:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 05:55:35 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 72ms
24ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.381025885502541
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2236484
x-guploader-uploadid: ADPycdt_NsUfm1siC3v9eBr9V8DL4_jZkXaL_ZolZmm7QxxbDCDp1dS_zqEX4ML8z2t1rW1sXrmVQ1D1SYi5qLlS_jnXFobIR7E-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrDCQccefB%2BkyaSwiAckLWNMEwqxKK39Blh78Rhvb4WkGXkdldoEKGxtEKjDj0ZF24Qjhd0B2Gg%2FAgZxlmVqIeN%2FJWkFon%2F0wulPV6LUVo888YT7cxRjHJD0y3543O%2F6hW4HSoaolMtC%2B8SOww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7fc1b38cfa530e8b-MXP
expires: Sun, 30 Jul 2023 10:00:51 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7309
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tds.net&sn=ChromeSyncframe&so=0&topUrl=portal.tds.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=WPJ30nwyR1JMblBWd3VveWloVzg3Q0tVVXNPZUVQNGdHRDZRTlZjOWlLQlZVT1NpOTVONzVvNGI5eUthcitySzMxOG0wY3g0R0FHR2thblNTUW9IVldNUWpPNEt3SGVvQ0REUVhOaVh4bXZNOTNSMzJ2Q1drMVROWHNtaG...

425 B
644 B

152ms
44ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WPJ30nwyR1JMblBWd3VveWloVzg3Q0tVVXNPZUVQNGdHRDZRTlZjOWlLQlZVT1NpOTVONzVvNGI5eUthcitySzMxOG0wY3g0R0FHR2thblNTUW9IVldNUWpPNEt3SGVvQ0REUVhOaVh4bXZNOTNSMzJ2Q1drMVROWHNtaGp2eGVrR2U3ZkhNRnQxQW5CQmZ6NEluWXRPajllNXVHRjBQNGRVTGxzWlZwaGpWZTRBL0J1OE5HaVR0WFlEZjhSUFZQamdnb0VnT2YrbFBTYzhhRmRJL2MrbVh3WmJYeTFCWjV3UVlZdHFoNTI3VEdiZTVSeTNtMTV5bmZlSSsxK3hZWFN0VlZXVUphRkNCU3JKYnpoY1FqZG5PZkdHQT09fA&cppv=2

Requested by

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c9f7860961535161d893102b8505539270a51cff6723975a64702faaf48dd5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7049615
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=WPJ30nwyR1JMblBWd3VveWloVzg3Q0tVVXNPZUVQNGdHRDZRTlZjOWlLQlZVT1NpOTVONzVvNGI5eUthcitySzMxOG0wY3g0R0FHR2thblNTUW9IVldNUWpPNEt3SGVvQ0REUVhOaVh4bXZNOTNSMzJ2Q1drMVROWHNtaGp2eGVrR2U3ZkhNRnQxQW5CQmZ6NEluWXRPajllNXVHRjBQNGRVTGxzWlZwaGpWZTRBL0J1OE5HaVR0WFlEZjhSUFZQamdnb0VnT2YrbFBTYzhhRmRJL2MrbVh3WmJYeTFCWjV3UVlZdHFoNTI3VEdiZTVSeTNtMTV5bmZlSSsxK3hZWFN0VlZXVUphRkNCU3JKYnpoY1FqZG5PZkdHQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 285331
content-length: 0
expires: 0

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 130ms
130ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXOTQM53&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 133ms
133ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=JcnQodlEm&w=6272195121119232&o=5090917147475968&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&sid=luEAn71HRY&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAXOTQM53&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 06:15:35 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 / Show response
weather.imds-api.com/current/location/42.89,-78.88/ 446 B
597 B 207ms
199ms Fetch
application/hal+json 129.80.81.219
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://weather.imds-api.com/current/location/42.89,-78.88/

Requested by

Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/2458.9dc0c00c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

129.80.81.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

Software

nginx /

Resource Hash

c63cce317998fb8e49f98795332b05599502a27169d64598aa6b0f88452f763a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=15768000
age: 0
content-length: 258
server: nginx
x-timer: 0.081
etag: 5b42ec7466b10e999a250bcccf2fb077
vary: Accept-Encoding, Origin, Accept-Language
content-language: de
access-control-allow-origin: https://portal.tds.net
content-type: application/hal+json
cache-control: max-age=304, public, x-grace=1800
x-varnish: 67657876
accept-ranges: bytes

GET
H2 200 / Show response
weather.imds-api.com/airquality/location/42.89,-78.88/ 475 B
713 B 164ms
155ms Fetch
application/hal+json 129.80.81.219
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://weather.imds-api.com/airquality/location/42.89,-78.88/

Requested by

Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/2458.9dc0c00c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

129.80.81.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

Software

nginx /

Resource Hash

f0d048495f4eeff7908273d9f91b21ec4ba964852bef0f2f82ba6d519307fd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=15768000
age: 0
content-length: 374
server: nginx
x-timer: 0.037
etag: 35ebfd352d661b424f79921efa02377a
vary: Accept-Encoding, Origin, Accept-Language
content-language: de
access-control-allow-origin: https://portal.tds.net
content-type: application/hal+json
cache-control: max-age=314, public, x-grace=1800
x-varnish: 67989985
accept-ranges: bytes

GET
H2 204 / Show response
weather.imds-api.com/alerts/location/42.89,-78.88/ 0
246 B 206ms
197ms Fetch 129.80.81.219
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://weather.imds-api.com/alerts/location/42.89,-78.88/

Requested by

Host: tesseract.imds-cdn.com
URL: https://tesseract.imds-cdn.com/2458.9dc0c00c.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

129.80.81.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

bigip-ccendeca2-prod-z5qa-oracleoutsourcing.oracle.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 varnish
strict-transport-security: max-age=15768000
server: nginx
age: 0
x-timer: 0.080
vary: Accept-Encoding, Origin, Accept-Language
x-varnish: 45474760
access-control-allow-origin: https://portal.tds.net
content-language: de
cache-control: max-age=301, public, x-grace=1800

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B631 594 B
806 B 176ms
126ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: af89c90c6032c3d38bbfefcf8c6c312a24f94edb605d64aa1b9e9289648ea1b2

Request headers

Referer: https://portal.tds.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 380
content-type: text/html
date: Fri, 25 Aug 2023 06:15:35 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

OPTIONS
H/1.1 200
OK pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
api.newsrpm.com/article/slug/ Frame 0
0 709ms
113ms Preflight
text/plain 104.247.86.163
GSCOMPUTING

General

Check archive.org

Show headers Download Go to

Full URL: https://api.newsrpm.com/article/slug/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.247.86.163 , United States, ASN395558 (GSCOMPUTING, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://portal.tds.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: *
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 25 Aug 2023 06:15:36 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
keep-alive: timeout=5
x-powered-by: Express

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: widgets.financialcontent.com
URL: https://widgets.financialcontent.com/synacor/pressreleases.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Aug 2023 05:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 25 Aug 2023 07:44:23 GMT

GET
H/1.1 200
OK pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Show response
api.newsrpm.com/article/slug/ 2 KB
985 B 298ms
298ms Fetch
application/json 104.247.86.163
GSCOMPUTING

General

Check archive.org

Show headers Download Go to

Full URL: https://api.newsrpm.com/article/slug/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Requested by: Host: widgets.financialcontent.com
URL: https://widgets.financialcontent.com/synacor/pressreleases.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.247.86.163 , United States, ASN395558 (GSCOMPUTING, US),
Reverse DNS
Software: / Express
Resource Hash: f6c7b942534073b515422ee31f99039fc64e342824be30d312a953efdfbcdba3

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
Authorization: publicKey gqp28e0kv2a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:36 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"63d-x9Yb9Vrhckhpf0SlGjmqIE+xCF4"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1304353236&t=pageview&_s=1&dl=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&ul=en-us&de=UTF-8&dt=Finance%20Press%20-%20TDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACgCI~&jid=317730635&gjid=1674654320&cid=1314041049.1692944135&tid=UA-8590502-6&_gid=1173355685.1692944136&_r=1&_slc=1&z=590820110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4174c448d957aa067e3090c1ffcb9f27a0e50cba326867dac140c1460cb0c5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 weather-svg-icon.c9221af6.chunk.js Show response
tesseract.imds-cdn.com/ 74 KB
13 KB 30ms
30ms Script
application/javascript 93.184.222.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tesseract.imds-cdn.com/weather-svg-icon.c9221af6.chunk.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.222.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (muc/3381) /
Resource Hash: 5bb6c78f0965053e2628a4f07e6644dbb9b75fb8d81527d79d3a8b71cef5d6ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 16:51:35 GMT
server: ECAcc (muc/3381)
age: 726421
etag: "12900-602a88686b3c0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
cache-control: max-age=31536000
content-length: 13206
expires: Sat, 24 Aug 2024 06:15:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M455Q94K6T&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eaa408819ad2a043ff8ef66310dbc057e3d475ce9ad4e3725f10e9830946248d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 06:15:35 GMT

GET
H2 200 fdb8e5b2-cc77-ec72-c1cf-a4677d7eb6d4
pr-bh.ybp.yahoo.com/sync/openx/ Frame B631 43 B
604 B 143ms
44ms Image
image/gif 2a05:d018:d29:3601:34cf:96f9:2678:f523
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/fdb8e5b2-cc77-ec72-c1cf-a4677d7eb6d4?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:34cf:96f9:2678:f523 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B631
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=31a9ff8b-4071-c5c1-3016-3005ea1ab07d
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=31a9ff8b-4071-c5c1-3016-3005ea1ab07d&dcc=t

43 B
855 B

129ms
129ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=31a9ff8b-4071-c5c1-3016-3005ea1ab07d&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 06:15:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2EKAYEW42SZ3NN735Y2Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 06:15:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 642S2GD89RWYFBBQ56SZ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=31a9ff8b-4071-c5c1-3016-3005ea1ab07d&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B631 70 B
265 B 151ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=697f83f6-5cdb-7e3b-f018-b29282297b9d&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B631
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUxMDUwM2MtOTVhYy0yMDlmLWU1ZjgtZTgyYjQ4Y2JiNWZk
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUxMDUwM2MtOTVhYy0yMDlmLWU1ZjgtZTgyYjQ4Y2JiNWZk&google_tc=

170 B
243 B

38ms
38ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUxMDUwM2MtOTVhYy0yMDlmLWU1ZjgtZTgyYjQ4Y2JiNWZk&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDUxMDUwM2MtOTVhYy0yMDlmLWU1ZjgtZTgyYjQ4Y2JiNWZk&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B631
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEED6iDV0VhkqiVr7I22OksQ&google_cver=1

43 B
180 B

132ms
125ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEED6iDV0VhkqiVr7I22OksQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEED6iDV0VhkqiVr7I22OksQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 37ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M455Q94K6T&gtm=45je38n0&_p=1304353236&ul=en-us&sr=1600x1200&cid=1314041049.1692944135&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&dt=Finance%20Press%20-%20TDS&sid=1692944135&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M455Q94K6T&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK render Show response
api.newsrpm.com/body/6cYWh9UQNxQZv9qRaD0sJ8s7xZVkR9vj/ 13 KB
4 KB 238ms
238ms Fetch
application/json 104.247.86.163
GSCOMPUTING

General

Check archive.org

Show headers Download Go to

Full URL: https://api.newsrpm.com/body/6cYWh9UQNxQZv9qRaD0sJ8s7xZVkR9vj/render
Requested by: Host: widgets.financialcontent.com
URL: https://widgets.financialcontent.com/synacor/pressreleases.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.247.86.163 , United States, ASN395558 (GSCOMPUTING, US),
Reverse DNS
Software: / Express
Resource Hash: 2819f95b22bf4e9d07f8d5fb4fcf9a5e4051469eaa9f0c95e5ee797a53b6a286

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
Authorization: publicKey gqp28e0kv2a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:36 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"3444-5fNvbQr5ze0LZ6RY5N6hA5le8Pk"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *

OPTIONS
H/1.1 200
OK render
api.newsrpm.com/body/6cYWh9UQNxQZv9qRaD0sJ8s7xZVkR9vj/ Frame 0
0 114ms
113ms Preflight
text/plain 104.247.86.163
GSCOMPUTING

General

Check archive.org

Show headers Download Go to

Full URL: https://api.newsrpm.com/body/6cYWh9UQNxQZv9qRaD0sJ8s7xZVkR9vj/render
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.247.86.163 , United States, ASN395558 (GSCOMPUTING, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://portal.tds.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: *
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 25 Aug 2023 06:15:36 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
keep-alive: timeout=5
x-powered-by: Express

GET
H2 200 embed Show response
www.google.com/maps/ Frame 413E 3 KB
2 KB 327ms
278ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d12282.946277209896!2d-104.81982!3d39.67814!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xc4a24ba3ecef4b6a!2sFranklin%20D.%20Azar%20%26%20Associates%2C%20P.C.!5e0!3m2!1sen!2sus!4v1636565553839!5m2!1sen!2sus

Requested by

Host: widgets.financialcontent.com
URL: https://widgets.financialcontent.com/synacor/pressreleases.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7331f2c4bb122341cb7a52d17a9fd8d275093a5d15ed577242fbad22cdf09b97

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-fFqwuMtKoTMODsm2mkmSuw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.tds.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1374
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fFqwuMtKoTMODsm2mkmSuw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 06:15:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NB-CTLA-Lifetime-Achievement-Award-1.jpeg
www.fdazar.com/wp-content/uploads/2023/03/ 451 KB
452 KB 548ms
131ms Image
image/jpeg 35.209.232.50
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fdazar.com/wp-content/uploads/2023/03/NB-CTLA-Lifetime-Achievement-Award-1.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.232.50 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 50.232.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b51162a80a518558d4f80ddcb62e9d527d7452ce66027659ce1525aeafc0f596

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
last-modified: Fri, 17 Mar 2023 17:35:03 GMT
server: nginx
etag: "6414a4c7-70da1"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 462241
expires: Sat, 24 Aug 2024 06:15:37 GMT

GET facebook.png
pressadvantage.vaesite.net/images/somacro/ 0
0

GET twitter.png
pressadvantage.vaesite.net/images/somacro/ 0
0

GET google.png
pressadvantage.vaesite.net/images/somacro/ 0
0

GET diggit.png
pressadvantage.vaesite.net/images/somacro/ 0
0

GET reddit.png
pressadvantage.vaesite.net/images/somacro/ 0
0

GET linkedin.png
pressadvantage.vaesite.net/images/somacro/ 0
0

GET
H/1.1 200
OK pixel
tracking.newsrpm.com/ 35 B
224 B 618ms
117ms Image
image/gif 172.105.13.106
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.newsrpm.com/pixel?slug=pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.105.13.106 Toronto, Canada, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-105-13-106.ip.linodeusercontent.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
keep-alive: timeout=5
x-powered-by: Express
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-type: image/gif

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 413E 174 KB
60 KB 98ms
43ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d12282.946277209896!2d-104.81982!3d39.67814!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xc4a24ba3ecef4b6a!2sFranklin%20D.%20Azar%20%26%20Associates%2C%20P.C.!5e0!3m2!1sen!2sus!4v1636565553839!5m2!1sen!2sus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0e9cf7e608788d2831539acd049d999c95f2a7367d3fe6721ecb078b84b4c508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61014
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 413E 3 B
46 B 86ms
36ms XHR
application/json 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/54/2/ Frame 413E 229 KB
61 KB 78ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/54/2/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f90dd903160671c144727804e5f8ca30d5de55744f906a1fd3cdfc51fa1e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61756
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:15:41 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 413E 252 KB
56 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/2/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

048e3d86dea9ffaf9c20e93ee2e609bb01893743415cee8898753bc280356852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 05:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56654
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 05:02:23 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 413E 154 KB
49 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/2/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af0cef5c4287d827f624e0f839d0822b27dd6ac0917d6e615f88b6854b5df4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 05:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49738
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 05:32:59 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 413E 70 KB
23 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/2/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2c8fa20a3dd7631675c4851634bc1461c03ba6c230ed1bef3bea63fe7d2ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23570
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 17:10:04 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 413E 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/2/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

710c4044e2ec38c5aac05d8998814d64207ff0d7c6ba1aedf637a5d24d335d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1255
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:15:40 GMT

GET
DATA 200
OK truncated
/ Frame 413E 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 413E 27 KB
27 KB 29ms
29ms Image
image/png 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i875773&2i1592560&2e1&3u14&4m2&1u280&2u400&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=86076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

bd2a7734d34e510c18e5e6307e7fcbab6a214df948c467d37dc7b0fe61732b90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 20:57:39 GMT
server: scaffolding on HTTPServer2
age: 33478
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27724
x-xss-protection: 0
expires: Fri, 25 Aug 2023 20:57:39 GMT

GET
H2 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 413E 26 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/2/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

957929a54cdefcf8e3a17d1442acf885000730b5668f6b82c54415e4fa283614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 03:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8955
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 03:51:08 GMT

GET
H2 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 413E 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/54/2/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568400d801d672daf12270453fe64af093c36160686960c98fbc1bc350a8b504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1259
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 22:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:15:40 GMT

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 413E 326 B
692 B 33ms
33ms Image
image/bmp 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Fri, 25 Aug 2023 06:15:37 GMT

OPTIONS
H3 200 GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 0
0 28ms
27ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.google.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 25 Aug 2023 06:15:37 GMT
server: scaffolding on HTTPServer2
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GetViewportInfo Show response
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ Frame 413E 18 KB
2 KB 66ms
66ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

862c919457cd30ed18db190ff8c1f17e7e6cf1eaf2feda42fd71fd1bdff4ba30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf
X-Goog-Maps-Client-Id: google-maps-embed
Referer: https://www.google.com/
X-Goog-Api-Key
X-Goog-Maps-API-Signature: 66374
X-Goog-Maps-API-Salt: 4b2ev0QZFa

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2505
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
30 KB 101ms
100ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1981883692776165&correlator=3159938856761006&eid=44799389&output=ldjh&gdfp_req=1&vrg=202308210101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=5284%3A22708829342%2Csyn.tds%2Catf%2Cfinance%2Cmasthead%2Cmain%2Cbtf&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F6%2F3%2F5&prev_iu_szs=970x90%7C728x90%2C300x250%2C300x250&ifi=1&didk=1338019287~2747666993~2727806884&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692944137638&lmt=1692936937&adxs=168%2C1132%2C1132&adys=10%2C394%2C1997&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&loc=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&vis=1&psz=1264x0%7C300x250%7C300x250&msz=1264x0%7C300x250%7C300x250&fws=0%2C512%2C512&ohw=0%2C0%2C0&ga_vid=1314041049.1692944135&ga_sid=1692944138&ga_hid=1304353236&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGP_k1dqiMUgAUgIIZA..&dlt=1692944134082&idt=660&ppid=84d944c04832b9414058b5d366d4d54b&prev_scp=ar%3D0%26lang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-atf_finance_masthead%7Car%3D0%26lang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-atf_finance_main%7Car%3D0%26lang%3Den-US%26amznbid%3D2%26amznp%3D2%26rpfl_elemid%3Ddiv-gpt-ad-btf_finance_main&cust_params=environment%3Dproduction%26lang%3Den-US%26ml%3D0%26portal%3Dgen4%26abt%3Ddefault%26amznbid%3D0%26amznp%3D0&adks=1820963023%2C1555192508%2C1458048708&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdf9185099dcffc0cebf9d00447451ff06531c039e154551068b06fe6115ba39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31175
x-xss-protection: 0
google-lineitem-id: 159583172,159583172,159583172
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239670574,138239670571,138239670184
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 122ms
73ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27d0bdc3497d78380338b9da824ee86d68e7da91ec6923c72e62be67ee2ed164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11693
x-xss-protection: 0

GET
H2 200 container.html Show response
cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B86B 6 KB
3 KB 146ms
28ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.tds.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 06:15:37 GMT
expires: Sat, 24 Aug 2024 06:15:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 413E 62 B
84 B 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m2&1e0&5e0&8b0&callback=_xdc_._ekfok1&client=google-maps-embed&token=125562

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/2/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7548256472bfd02ede86487078011a5318dd4da095bb2de68f28a0e830a2564f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=40
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 413E 62 B
83 B 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sq788ub&10e1&11b0&callback=_xdc_._dguhvb&client=google-maps-embed&token=74110

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/2/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7566120a1b56a60b8bf2f238f084e2dcaf4ec8c635a13f675df723470b297498

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=16
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 5251 319 KB
94 KB 25ms
24ms Script
text/javascript 2600:9000:2491:5200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23ef9bcfc9402e2c22a001966d3e2c64f0acf40329fe4683f9ae82ab7aa9c4c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:02:46 GMT
x-amz-version-id: p5nu_SUvbh5i7mpqKHu9c3zw02A7opEs
content-encoding: br
last-modified: Fri, 25 Aug 2023 05:27:56 GMT
server: AmazonS3
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"8bedbfb5e3d461abb176e9d43730a516"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 772
x-amz-cf-id: G8HOzEKatwQskgTo4x-5pAzvgB_BYTnOTAp0kSD4t2WvE--xCjnQDA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame 40B9 319 KB
94 KB 25ms
24ms Script
text/javascript 2600:9000:2491:5200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23ef9bcfc9402e2c22a001966d3e2c64f0acf40329fe4683f9ae82ab7aa9c4c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:02:46 GMT
x-amz-version-id: p5nu_SUvbh5i7mpqKHu9c3zw02A7opEs
content-encoding: br
last-modified: Fri, 25 Aug 2023 05:27:56 GMT
server: AmazonS3
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"8bedbfb5e3d461abb176e9d43730a516"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 772
x-amz-cf-id: orgOO7n5mGRN-_DPcih79t7-UB208j78Qq7tOmBEVpNweK2xEIVMGA==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/ Frame E8B8 319 KB
94 KB 33ms
32ms Script
text/javascript 2600:9000:2491:5200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Requested by: Host: portal.tds.net
URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a23ef9bcfc9402e2c22a001966d3e2c64f0acf40329fe4683f9ae82ab7aa9c4c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:02:46 GMT
x-amz-version-id: p5nu_SUvbh5i7mpqKHu9c3zw02A7opEs
content-encoding: br
last-modified: Fri, 25 Aug 2023 05:27:56 GMT
server: AmazonS3
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"8bedbfb5e3d461abb176e9d43730a516"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 772
x-amz-cf-id: 39SqdwHnBO01fvRzlf3qhi0OolvlScUT5S7glBk4kaAkvvquq7XdXg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 94ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 06:15:37 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
218 B 205ms
119ms XHR
text/plain 2600:9000:223d:f800:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:f800:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 06:15:38 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: VM5DcxZvamPME0R5jm4EFPf9xjQXhKdHdDKbpPSMXfSDl0hr7Otzow==
x-cache: Miss from cloudfront

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5251 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjtIhi3XP9nB5xFBcbHNQQeoeZZ_-viJhw2JoB5MvKpJ91MW5_FvuWimMviGkOv_6o0DkDy7PQPORJsdCb0zmQsHSDXEmvZqpgvbNY5PAKa0jA239hIJ_cKglNgqapuAVVfolNGZPjmYFIEAYPifKN69qZy2H2_kiDPAHXoJEHRLIoFqvFsEfkCgJTGKOjJ2jxPno0Yo55OufQdNSKgSXp6e3xRhrVKwZtoDxwccjC6MChO-fq_SQ7bML6jrxiU-PKFc0AOrrXkT1xv3BZzv-IQjQ0VmwNiNJ6rD9BbR3scSU4ytcQCiXmDP9bod42zp1TCmiKZYiEMqB_Qq5q&sai=AMfl-YQWgwsg2thoc4AW76vrsDARCCCYfUWeYJt3dauvagmSOJYWSbYODJfOpo1ilAGho3StAGIFwSKCPkcmRWo8PnB4Fkt-M6x_QktgOFqBoipuP8LZqlmq9uNNgvO3ev8XQZTmuuDalLmwhgC5cqo-n6Q&sig=Cg0ArKJSzG_NsBxj9RV8EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 5251 23 KB
9 KB 44ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:13:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 5251 3 KB
1 KB 46ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:57:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5251 181 KB
57 KB 109ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 06:15:37 GMT

GET
H2 200 2619584075306583721
tpc.googlesyndication.com/simgad/ Frame 5251 62 KB
63 KB 56ms
47ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2619584075306583721

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6e99a33a6e79c03b4f01763c9b6387672be4b1889988a91ac84d37b597276c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63645
x-xss-protection: 0
last-modified: Wed, 27 May 2020 18:28:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Aug 2024 06:15:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5251 0
0 44ms
39ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZt_AF6Uq4KV8zi5C-MmG0wnpqwpDDSHVLi9pKGlCfDbB_rWmRtMktJMtgd6AbgGCoXZPO2E9ZnTIkWy5MQ9-vcV9UHw
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5251 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3af7a8f4a68b7b20e7e0f5356ea59f8e7c286e2199448532eeee310c265b6059

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
217 B 178ms
119ms XHR
text/plain 2600:9000:223d:f800:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:f800:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 06:15:38 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: 6-wviTtfSXbOYxvyOMLhfyQ9rdTQA5R3My8ELHsKvB4oB_5OL3o_0Q==
x-cache: Miss from cloudfront

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40B9 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiCOnUqUF3Iq6fULHJ7K0jWkzwaA-yZ1nYqYjb3uCRnbdKx0iBDVJIFotl3pwyCxNtjX8ljhHlE_6wvB58ucrIfPt-r5jhXOtDesc5P31RVE43EdcKTlS8osdrtvwwS5-u30NKQsfp7CH9r4dtQBFq0iN28636o8V36vA4MNTTubgGxxwIr_UIV_WPLlx8lV2MSuFciqMvVZqbioiv_rO7ZhYR47ipo17c5fqtygjJc6Oo3b4WUMDjOuS4aOO6QqHdfLf01zDBOK4W3JjsKsVUh23-u7ppPzCfYTYxNq6HWY1hOStcHKRLm9cC9QrfQaVDG_SurPMjCpo&sai=AMfl-YT6fVrC9AEZ6S8mXYnmiaolg4UaOEL7Yennyl9RrKvbnSwRWjMks6RFVJcvFm1C0Fl4C3fy7Lr786rIaWJpyD5ntD669XLhmBxU66k9VNSrtCdK5heKNn55O54mVm864ZLherVeU7VuALv-wlSqi8Y&sig=Cg0ArKJSzNh49pf1nmVDEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 40B9 23 KB
9 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:13:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 40B9 3 KB
1 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:57:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40B9 181 KB
57 KB 131ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 06:15:37 GMT

GET
H2 200 10289694241826136562
tpc.googlesyndication.com/simgad/ Frame 40B9 95 KB
95 KB 65ms
64ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10289694241826136562

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

862ddaa83471c525dc8abe2e478c2e5cb012ad260830d1b00e626396cf403da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:17:34 GMT
x-content-type-options: nosniff
age: 489483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97177
x-xss-protection: 0
last-modified: Wed, 27 May 2020 18:32:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 14:17:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 40B9 0
0 39ms
38ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgQoCvAj71VhfS1eH7ehFlY7vEemn5OJTCZou8V3-nLRH53YRmmANtMlDtqrj290GEM4y_35OCzOf6oIl5rjOf-aRrDQ
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 init Show response
gw.geoedge.be/api/ 0
215 B 164ms
134ms XHR
text/plain 2600:9000:223d:f800:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:f800:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 06:15:38 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: Tp0HxfB1nNG961cskiIWxxdNBisQ_LDmtaleJhxARV34rkYoV8bXxw==
x-cache: Miss from cloudfront

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8B8 0
0 59ms
57ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqe4CtR99itpOLi-az87-k4Z_pgFubzApvQ0ofocFjLZYZPAEvnaE0WCRxp-l_NoZlhdJNCJ8dLCR2PnavESQ2BDVCVfUqBa5aOPAhgmbWidznD_RCmiMF8e5Etuq-OD9aOMkHfKTGVLHhDSDvUkSMjAUBY0sUFsyeRaWeEwkngATYOW6ioju1lbb1mvBMkUIHXG_orwKxb3Suy9LdVWfwAZQXjTVWD-9zrhRvinKgM-jU-XPVtY2_9yu-3sRG2phuFSr1W21nBWDJ1M0_fUTuGQE1RGCDQbU_45GiriMuag8825fe9n0shFRSXh4YSUrM18LmgWIXLhY&sai=AMfl-YSMtSIzb5eIaAOW8CIpe02j8nn5zjViq_sGXieSh_-KWjsjMb5EYee-dPME7Plq48yP0v9uUhy2lmGVDNptgMMySfahWTvWDyMlBlgsEWfZpqwF5IPE6MVExaD4Bozt7pADc44DT5NAzUKK9nb1uy0&sig=Cg0ArKJSzEjBwr49ANkBEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame E8B8 23 KB
9 KB 62ms
58ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:13:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame E8B8 3 KB
1 KB 63ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:57:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8B8 181 KB
57 KB 107ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 06:15:37 GMT

GET
H2 200 2173581800326178012
tpc.googlesyndication.com/simgad/ Frame E8B8 94 KB
94 KB 62ms
60ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2173581800326178012

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07007c9a33a65d46f51e5e7418893b703c6b1d87e0ec07611457299c6faec0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 06:34:29 GMT
x-content-type-options: nosniff
age: 603668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95894
x-xss-protection: 0
last-modified: Wed, 27 May 2020 18:31:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Aug 2024 06:34:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E8B8 0
0 32ms
30ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWg1BYKTzJRuo7zl2kW0x3ecPACWIyVjw4eiWJH4rbed-_q-e0OrPHJqGM_bTgUMoP9jYMTcARNtWfPSafnujqpYmWdA
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 40B9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad6f877dfde7cd9b7309f9f269fb13db610045e1ddfae42419def6d755d498eb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E8B8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f57688b6e4f36af4d8e765c9f39c8c71782a74cbd0c7f4fb3b9eba11705180a

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2DE4 13 KB
5 KB 50ms
48ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portal.tds.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 5702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 04:40:35 GMT
expires: Sat, 24 Aug 2024 04:40:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD13 829 B
559 B 31ms
30ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aaa2aaec7862a0b4914825f5648d2b3aca9c2e27bd275e695198cb7a62cb44f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sDIYQ7ggmVh7G5uQp8fU3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portal.tds.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-sDIYQ7ggmVh7G5uQp8fU3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 06:15:37 GMT
expires: Fri, 25 Aug 2023 06:15:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD13 0
0 134ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308210101&jk=1981883692776165&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5251 0
0 110ms
59ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJrBxsbGXSmT3UIvvbR2vq1tdxmH7FnlA_PdeiI8hLtuGfzeuTNOy7y_-KRIJdf1GJOYwywzybiBzc9JkyFJ8YnEvJwMYIXE_hqHG471TdL0-tGRAybE7zTH5l9ZZVxOGyeLWkvCwzrXelq3dQT0f28DVPCkrMFuUgZWtddyCRIkQ8ErfiLLcBX_WgtDkqK3Yo5Eny2sXEZU8FId-MUEgLjTcI_iDO5F4y0nQthGf5v2frxthKSN1WZ28FTHHnYPVcHisdyRFhrDCR-zQVwyeYSJ6_3u04i7tBPs_vM8FxQwpME57-bpQ7kx1mn9kwwpTEz1yQDVBsURgdqkii8bk&sai=AMfl-YQ-WJTennwddc6sASknuYjVy8D_lkRzPYQwr2sHpAGhV9QdkY3AanoA2uvg2gHofXvmYhYkha_599viY67PvYD_-Unve-hKlhWE-kyFV2005XSJcMszZ6VwrFE-KtULQUd-TDfsXd96LnbFssbq-cA&sig=Cg0ArKJSzHCoVRK-ztB3EAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 06:15:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8B8 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuixCe7ipsPAI15i6FRB2abDHzSaLhM2hZSnmGtbTEAWbcK2CxWGnWRh3WM7PlB-gnOC9WRd9x4_Ey83c6K9zJ931JTrtG4V1BzlyPo98huZJZ9Y-niPi3V4Pfd7sPy0ldp6jwYAwPOCpnx7VXpMd-KWEwJLcNExQAw5QI0n6vnbzEwdsjkU7ey-8hnm-1cG-qYo3qLpAoJ7Bg_QrXZifdoWq9mOpEGuNx62wGc26j4vAlJfjqBWWmJfd_kTm--uRb1_ePFnoBY5hjVuhvQ-MTtayAZyt2F3QQ2SttqueFKCRCmoMzqBJCiy7897wY3uOLzsOC16Afg2wDXJw&sai=AMfl-YST0iXZMyL-ppFHRNuuyKamrjT-RVlBj31RE9XX3AnYNEvpwgUinCD6gq1u0NCjgigtv10kZWIF2TDqYwF2iHemmr7m_U2tl3ta3_-PAr1BamAyEf-qbyu_2IpUL9FlL1X3uniQFNHxBVAUUzfuBzY&sig=Cg0ArKJSzKtaL2OuDdGkEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 06:15:38 GMT

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DE4 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 15:45:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40B9 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9tZFHEA9MoHiTHBS2EB08YbGnv660hT3LZocYyaZ696zmTVyankfWflgVml987jm-F2FhLMgab8OyVanx6ICdDQgfHWRGDcUxLDVyhjrY8ONppSD8VaRiUA_KvXxqrODwuIgndDGPo4nlqEl6oAoNTmP1qUE_A1UR3vimcerLGOUGmemWL2aGuB_rFdjb5CRZu0XUD4vHzvKcxL_wewlmqNcT5Jhp-uqOGGNeFb8rbzpezmXeN8LVQ_IP2mR2ahVnhL3mUgUsEBwcUBy9X9koOmbgrRajQSI5PyRukslxIEXdfO5GxVqNi8RG53R73-sYAAi9z5vBRiN3AA&sai=AMfl-YStTsHlnNjKyTO7cuLoPgQpO19_x8OkYBickisZJfmco-3WxqbU1rfT1KeMYZEz8xq3Zlp8aRENN25qlfe774fI5KK9TyZCZ7ESQewjpLlv9cEvqBWZ_wVpEIutgZMaFE5-Hq8K6uwomiG7ka8U0iY&sig=Cg0ArKJSzB7t44lrFk_WEAE&uach_m=[UACH]&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 06:15:38 GMT

POST
H2 200 stats Show response
gw.geoedge.be/api/ 0
217 B 523ms
523ms XHR
text/plain 2600:9000:223d:f800:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/stats
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:f800:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portal.tds.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 06:15:38 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
content-length: 0
x-amz-cf-id: y2PpDK-F1kpAPzmZ57p1jzLB3dPqCAJXz04vJxhCW0uJnVO60bkI6A==
x-cache: Miss from cloudfront

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2DE4 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lLd9ag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 06:15:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308210101&jk=1981883692776165&bg=!Xl2lXRLNAAYkVgHwBFY7ADQBe5WfOLOOk_iI3Dl9BUYA0Q5YACDSQIk0U5ZfV3f3lqcBc3MLj7OW3xZgUZu_nJkL3X7OAgAAAG1SAAAABmgBB5kCuh_8D2FA434l8CcelEVNPo51c9rVFc_Qkq1465mH4Ueg_7inD-Ukc92QtcNm5D7bpN2L2B8A9flwNDgdqXyNtXl08elqVSsW_KNApC0HfNj_Y0s82ppA8K9HCIKKi8JKEjqBNoyNQDUbbWNwXEGbMHvxYty6ZnjagyxkC0zvSG5rHke4vCHZ9LWq0kd1zbJuhyZQgX1yB5LyJCkBlWUXuo8T38BNGTBJHy-BjBpk18XnqDCvQM_kPqEK_B_-Cx4Fv52JlQg6xKdpBMJcA5FBRRYFH7CriqIqZmMPsRatzuFwtgr_ZKtTY-yXWiC7C6K3eZMCjLnfNAbUUqdAGb4brzU36M5fpzLZ9cF5A0_0P8UR89t2V341ywnN8-ll8UWxoC1159DVxCMlG3g1KW8jULQfl9bt6shceQoOJfZQWZtwvxjsUVJ6q02TVUlo-CqoQbvHMK0tyuvRcQJgKbrXM9hHzndEDDCO4nHHU3qgMlC5SN89dCAfUbxqkxsqbIOPGY3HDHVM7z2yI4Di5EHWE8FVyNIwO9qBM6El9TpQXsvVeEAEGMfOBy3-O3Qj9sBb__ntuInvtVhxDKE7Rne27IbVbx-EtmvsV9IS8KjKRbIFjVDYlWGC5K7Dp1mV6Nr-JfD9P7tHRHzlelV9167RmLURs7QtY401hmwr-Q7mD58fQXgIP4mkFWMUaQ7C_ya9T_KuF4OQWRtQqIvCNCEIAUWFACP64Sjv9k_bUeKK3TMRqCt9Tc2f3zBOYlUzbIlOXQP8Kgqe6o4aVqGIcsJUkq_TdIBCdnHPIGwo997EmHsMxZx434ChV-26k9klqBYVvfO-ZlMsbuCZ0LAeYIoVoGwNftnNt9Us5OjfJJ2l97a9zSkmwsECeN4TxPwrfu_QOVEqFpA92fJyqSSF6vicBW_12W_TlKa_y-HE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5251 42 B
174 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0if85kSXHD0krtAZ-OrGMvEYg5dwenCFNNmbodSAGzcjrViheEmqtbb89kaEWtmMCo1wvbFajoZarDVuy3iIK1YAVMzvYyzmVaRHoLtFxOZqVbJzi3xjdivZa-PES&sig=Cg0ArKJSzFMc50-RaqFEEAE&id=lidar2&mcvt=1000&p=10,436,100,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1820963023&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692944137773&rpt=342&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40B9 42 B
64 B 91ms
91ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9aW8OWuUpULD5GWjfNGTLHIVFNQNRbRrGcz-eASSzem10BK85_H1mmcwmcSW0IJB_8gqKdS1LKveibOkRUrA-AgOy_VnEynbIH5ATtW70OqPENo2ozlw3Iseh-k30&sig=Cg0ArKJSzMFPYJ2o3L9HEAE&id=lidar2&mcvt=1000&p=394,1132,644,1432&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1555192508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692944137800&rpt=412&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/440563c7-56b6-45ff-bb14-6e7b7d64a525/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M2JVV7T6GC&gtm=45je38n0&_p=1304353236&cid=1314041049.1692944135&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1692944134&sct=1&seg=0&dl=https%3A%2F%2Fportal.tds.net%2Ffinance%2Fcategory%2Fpress%2Farticle%2Fpressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america&dt=Finance%20Press%20-%20TDS&en=page_load&_ee=1&ep.site_section=finance&ep.portal_bucket=&ep.page_discarded=false&ep.page_hidden=false&ep.environment=production&ep.component_path=FinancePressPage&_et=220
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M2JVV7T6GC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://portal.tds.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 06:15:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.tds.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET usync.html
eus.rubiconproject.com/ Frame 7611 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pressadvantage.vaesite.net
URL: https://pressadvantage.vaesite.net/images/somacro/facebook.png

Domain: pressadvantage.vaesite.net
URL: https://pressadvantage.vaesite.net/images/somacro/twitter.png

Domain: pressadvantage.vaesite.net
URL: https://pressadvantage.vaesite.net/images/somacro/google.png

Domain: pressadvantage.vaesite.net
URL: https://pressadvantage.vaesite.net/images/somacro/diggit.png

Domain: pressadvantage.vaesite.net
URL: https://pressadvantage.vaesite.net/images/somacro/reddit.png

Domain: pressadvantage.vaesite.net
URL: https://pressadvantage.vaesite.net/images/somacro/linkedin.png

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?geo=na&co=us

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portal.tds.net/finance/category/press/article	1970-01-20 23:51:44	Name: privacyInfo Value: %7B%22jurisdiction%22%3A%7B%22country%22%3A%22CH%22%2C%22state%22%3A%22%22%7D%2C%22gpc%22%3Afalse%7D
portal.tds.net/finance/category/press/article	1970-01-20 23:51:44	Name: privacyInfoChanged Value: 1
portal.tds.net/	1970-01-20 23:51:44	Name: gpp Value: DBABTA~1---
portal.tds.net/	1970-01-20 14:58:56	Name: _pbjs_userid_consent_data Value: 3524755945110770
portal.tds.net/	1970-01-20 14:17:10	Name: _lr_geo_location Value: CH
.rubiconproject.com/	1970-01-20 23:01:20	Name: khaos Value: LLQ786OI-1V-LYAX
.rubiconproject.com/	1970-01-20 23:01:20	Name: audit Value: 1\|naVuGyos1qq/qa7QgBYfe7VTIkcAJPBTYJ/t7Cax7f1cIGNm47QautIHYAito1svoU1sVA6x+a4rLynjRbqW98xuhZpbWKLth/HTaN0Rs8K+xUA9sgf/4eNEKcfJxgEB
.tds.net/	1970-01-20 23:51:44	Name: _ga_M2JVV7T6GC Value: GS1.1.1692944134.1.0.1692944134.0.0.0
.tds.net/	1970-01-20 14:15:44	Name: lotame_domain_check Value: tds.net
.criteo.com/	1970-01-20 23:37:20	Name: uid Value: b0726a63-b342-4436-8ef1-9d2d0a2975a4
.crwdcntrl.net/	1970-01-20 20:44:31	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 20:44:31	Name: _cc_id Value: 51026ce01a2748be2ed147774da7823e
.tds.net/	1970-01-20 20:44:32	Name: _cc_id Value: 51026ce01a2748be2ed147774da7823e
.tds.net/	1970-01-20 14:25:48	Name: panoramaId_expiry Value: 1693548935280
.tds.net/	1970-01-20 14:25:48	Name: panoramaId Value: 0c8736fc2a86931f0ed655ff97734945a7027e2a1ced6e8cf28f7842a8fcbf94
.tds.net/	1970-01-20 14:25:48	Name: panoramaIdType Value: panoIndiv
.openx.net/	1970-01-20 23:01:20	Name: i Value: bad3bcaf-f55c-41cc-aace-7a7ae60e4860\|1692944135
.tds.net/	1970-01-20 23:37:20	Name: cto_bundle Value: S39NgV90a29Jd1pncU1kRVk3ME1uazE4NVJNelc3VCUyQmlvanI2NzZSb2VMWU1EZkZoVHZLTCUyRjJGMXhLZ1E3QTB1eEE1dnFSMmRZcFJ0SndUSzNDMkdBVjVxSFpLc1FieiUyRkdJZG5ON3c3cXk0VEQ3dHVybDBvbDBQSExkQnpYVlFSUDBjSlBQMzBmUEx0cnNYTDcyS2NmWnBUa3clM0QlM0Q
.openx.net/	1970-01-20 14:37:20	Name: pd Value: v2\|1692944135\|vMgavPkWgy
.tds.net/	1970-01-20 23:51:44	Name: _ga Value: GA1.2.1314041049.1692944135
.tds.net/	1970-01-20 14:17:10	Name: _gid Value: GA1.2.1173355685.1692944136
.tds.net/	1970-01-20 14:15:44	Name: _gat_cq Value: 1
.tds.net/	1970-01-20 23:51:44	Name: _ga_M455Q94K6T Value: GS1.2.1692944135.1.0.1692944135.0.0.0
.doubleclick.net/	1970-01-20 23:51:44	Name: IDE Value: AHWqTUkJWEDYcCcCzoPDRfMmokRaEMthB9HB-UP3M7FjW6ctQpPU3dQZGFjodmnP50g
.yahoo.com/	1970-01-20 23:01:41	Name: A3 Value: d=AQABBAdH6GQCEC7SRxIjfAK_8OIEXQXIA9UFEgEBAQGY6WTyZAAAAAAA_eMAAA&S=AQAAAj0AHZjwl2Im0-98pXVKpL4
.amazon-adsystem.com/	1970-01-20 19:32:32	Name: ad-id Value: AxHv4IvlhkzLus57TKRianI
.amazon-adsystem.com/	1970-01-20 23:51:44	Name: ad-privacy Value: 0
portal.tds.net/	1970-01-20 14:25:48	Name: pubUID Value: 84d944c04832b9414058b5d366d4d54b
.tds.net/	1970-01-20 23:37:20	Name: __gads Value: ID=89121223e8938b32:T=1692944137:RT=1692944137:S=ALNI_MaGQSu-cQFvvvzEOAFBh1nF7deqeg
.tds.net/	1970-01-20 23:37:20	Name: __gpi Value: UID=00000c8eccfa9118:T=1692944137:RT=1692944137:S=ALNI_MYuawLWEGdMsBI_nqCf7fr1oSBc9A

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://location.imds-api.com/ip/?fields=verbose Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Message: Mixed Content: The page at 'https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america' was loaded over HTTPS, but requested an insecure element 'http://pressadvantage.vaesite.net/images/somacro/facebook.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Message: Mixed Content: The page at 'https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america' was loaded over HTTPS, but requested an insecure element 'http://pressadvantage.vaesite.net/images/somacro/twitter.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Message: Mixed Content: The page at 'https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america' was loaded over HTTPS, but requested an insecure element 'http://pressadvantage.vaesite.net/images/somacro/google.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Message: Mixed Content: The page at 'https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america' was loaded over HTTPS, but requested an insecure element 'http://pressadvantage.vaesite.net/images/somacro/diggit.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Message: Mixed Content: The page at 'https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america' was loaded over HTTPS, but requested an insecure element 'http://pressadvantage.vaesite.net/images/somacro/reddit.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america Message: Mixed Content: The page at 'https://portal.tds.net/finance/category/press/article/pressadvantage-2023-3-23-natalie-brown-wins-the-ctlas-lifetime-achievement-award-cementing-her-reputation-as-one-of-the-best-lawyers-in-america' was loaded over HTTPS, but requested an insecure element 'http://pressadvantage.vaesite.net/images/somacro/linkedin.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://pressadvantage.vaesite.net/images/somacro/facebook.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pressadvantage.vaesite.net/images/somacro/twitter.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pressadvantage.vaesite.net/images/somacro/google.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pressadvantage.vaesite.net/images/somacro/diggit.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pressadvantage.vaesite.net/images/somacro/reddit.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pressadvantage.vaesite.net/images/somacro/linkedin.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.rubiconproject.com
api.btloader.com
api.cloudquote.net
api.newsrpm.com
ats.rlcdn.com
bcp.crwdcntrl.net
btloader.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cf340ff69f06035ff742c1ada7462dd0.safeframe.googlesyndication.com
cm.g.doubleclick.net
contango-cdn.technoratimedia.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.privacymanager.io
google-bidout-d.openx.net
gum.criteo.com
gw.geoedge.be
id5-sync.com
invstatic101.creativecdn.com
location.imds-api.com
maps.googleapis.com
maps.gstatic.com
match.adsrvr.org
mug.criteo.com
mybendbroadband.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
portal-static.imds-cdn.com
portal.tds.net
pr-bh.ybp.yahoo.com
pressadvantage.vaesite.net
region1.google-analytics.com
rumcdn.geoedge.be
s.amazon-adsystem.com
sadlib.imds-cdn.com
scs.imds-api.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tesseract.imds-cdn.com
tpc.googlesyndication.com
tracking.newsrpm.com
us-u.openx.net
vam-image.imds-cdn.com
weather.imds-api.com
widgets.financialcontent.com
wrappers.geoedge.be
www.fdazar.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
eus.rubiconproject.com
pressadvantage.vaesite.net
104.18.35.167
104.247.86.163
108.138.17.23
129.159.77.31
129.80.81.219
13.32.119.77
13.32.99.89
130.211.23.194
132.226.38.239
141.95.33.111
142.250.185.66
143.204.98.49
151.101.193.44
172.105.13.106
178.250.7.13
2001:470:1f07:135:e63d:1aff:fe85:29d0
2001:4860:4802:34::36
216.58.212.166
23.201.255.110
2600:9000:223d:f800:10:43f:4352:ad61
2600:9000:2240:e000:2:d490:4d80:93a1
2600:9000:2250:7600:a:e047:753:6381
2600:9000:2491:5200:4:b37b:9440:93a1
2602:803:c003:200::61
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:3456
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700::6810:5514
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a02:2638:d::2
2a02:2638:d::d
2a05:d018:d29:3601:34cf:96f9:2678:f523
3.33.220.150
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.190.39.111
35.209.232.50
52.213.174.162
52.222.208.154
52.46.130.91
65.9.66.122
93.184.222.66
03b6e27a1c6c6a78fb6f01888648b73e0831e0dcd944332194d982b48e41bf4d
048e3d86dea9ffaf9c20e93ee2e609bb01893743415cee8898753bc280356852
06b14f3f2d6604c9bf4e1bad482728f29a90519fe9ba768e8d351a13d3f181ea
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09bf22d9b6f0c0e543f7ff362eda8f74a3f8138c4f5f9320fc75b110bf5fbfa8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9cf7e608788d2831539acd049d999c95f2a7367d3fe6721ecb078b84b4c508
10f138bb7bff8e151c40946b049385cef935cfc25c3220f9dbeeb59d4445cf2b
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1ca709f36534450e8e3fe62e77fe0ed06d9284d699bdd846c253301627ec8f0d
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1fba6e63f5de41d8a857a9e267acc31befb6f72b15bedfc6e6fdbce11116b233
2081db546970ec8e804cf7f13ca596212cd96a8c934e0127a2c4196e54b6bb26
21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62
2218f03e4d554019dde3507e191333b5c906b9f4fb86ea9b459f1fa2ba0800d3
276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c
27d0bdc3497d78380338b9da824ee86d68e7da91ec6923c72e62be67ee2ed164
2819f95b22bf4e9d07f8d5fb4fcf9a5e4051469eaa9f0c95e5ee797a53b6a286
28628a13be1509234addcd69afcc0ae7e60cf6d29bd017abdb77abfca7c781c1
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2d44a7791cb03d9a54bded6c789e9daa6377f72023749a9349a1a23be6a82838
312a53c21c5ceac1529170fa13c84bfd18e2ae5bbd271cdc36a0934585b36ad1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33f90dd903160671c144727804e5f8ca30d5de55744f906a1fd3cdfc51fa1e3a
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3af7a8f4a68b7b20e7e0f5356ea59f8e7c286e2199448532eeee310c265b6059
4174c448d957aa067e3090c1ffcb9f27a0e50cba326867dac140c1460cb0c5d1
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42f4a25061750f158c23db32835a589b06a00c3b16115e0663e6a2afb6aa063f
43a6162a627badafa6ba0a6bcee4a8eb32bf90603d11eb793a1ae415d1c281c6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568400d801d672daf12270453fe64af093c36160686960c98fbc1bc350a8b504
59de363ff589bec5dddba81d0c4ff4384a43b686c80d5a1e69f6045951c4c9d1
5bb6c78f0965053e2628a4f07e6644dbb9b75fb8d81527d79d3a8b71cef5d6ba
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
69c1738b42e57aa31f032ddb1c73bff2c852c92a37f346fc785c7a02397c62e8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
710c4044e2ec38c5aac05d8998814d64207ff0d7c6ba1aedf637a5d24d335d0a
71595007e1eccbe8d736bad96c94cc5940ee2fb68769125850a99e5ea2220bd1
7189aec9c7abca85f7f5aa079d9e38e5a7b59d68472faca29f98cead2d40cbc0
718c040d5ad20d9864af9337cda69f0d694a87bd58ea5b5df5e4a4ac61bb3f0f
72675b1843411950d6200e3a025803b0433770f4782a21839f820a2c1515a308
7331f2c4bb122341cb7a52d17a9fd8d275093a5d15ed577242fbad22cdf09b97
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7548256472bfd02ede86487078011a5318dd4da095bb2de68f28a0e830a2564f
7566120a1b56a60b8bf2f238f084e2dcaf4ec8c635a13f675df723470b297498
7a8f42d63407717253fe4ba8586d943ab02df1727c79eff3631e011a75b0e31d
7f57688b6e4f36af4d8e765c9f39c8c71782a74cbd0c7f4fb3b9eba11705180a
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
862c919457cd30ed18db190ff8c1f17e7e6cf1eaf2feda42fd71fd1bdff4ba30
862ddaa83471c525dc8abe2e478c2e5cb012ad260830d1b00e626396cf403da0
8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9f1fe9f00b89c205ba6ace314efe77c60535feb7ae23c5e58a0aad61ab6c10
957929a54cdefcf8e3a17d1442acf885000730b5668f6b82c54415e4fa283614
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
a0c11e71230e3765d4ba258a6ab9d6b9ec040cd045c3e29775b2c885e1947041
a23ef9bcfc9402e2c22a001966d3e2c64f0acf40329fe4683f9ae82ab7aa9c4c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a66f556390740e2fbc9bc7dd83d2b543bbc2c54cb239e592b88d4dacd3c59fe5
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6e99a33a6e79c03b4f01763c9b6387672be4b1889988a91ac84d37b597276c8
aaa2aaec7862a0b4914825f5648d2b3aca9c2e27bd275e695198cb7a62cb44f5
ad6f877dfde7cd9b7309f9f269fb13db610045e1ddfae42419def6d755d498eb
af0cef5c4287d827f624e0f839d0822b27dd6ac0917d6e615f88b6854b5df4c9
af89c90c6032c3d38bbfefcf8c6c312a24f94edb605d64aa1b9e9289648ea1b2
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b51162a80a518558d4f80ddcb62e9d527d7452ce66027659ce1525aeafc0f596
b69971baf4c50aa7ce898f43aa67018145a508dffb0cb111c6343a1e81de01f0
bd2a7734d34e510c18e5e6307e7fcbab6a214df948c467d37dc7b0fe61732b90
c049c091f530de41446488ef6768fc1ab7b5f330dcd289203e256a9806e922be
c1dbf1ec3ce4090c8224ef4b609cebda9357c6eeb9e8aaca0099da79f5aff686
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f
c63cce317998fb8e49f98795332b05599502a27169d64598aa6b0f88452f763a
c9f7860961535161d893102b8505539270a51cff6723975a64702faaf48dd5b8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07007c9a33a65d46f51e5e7418893b703c6b1d87e0ec07611457299c6faec0a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc8274d027c500c43f9b88ac304488253cc145016079d0cdb1a55d6e4597943d
dda79224fd4830f612e505345baa1282c4ec31caa77647044aa4183b8aca342c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de72b9b6354519f6f266d8672cb520a8d15e9b7102efc4514c8a6eda2ee56f6f
e190deb58c6cf3cb9ca56144038b79ee7a2bdcf360f8902f6dbf86e4652073de
e200859012d9843456e0f56fe9e429adbc31397f3421c73ebc3a1c1fbcec293b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45f0890e8bb69a56be8f844f29520392eb6ed9590fd5b4437493949f2f7965d
e5e26b7075301f62265adb988b534ea57ce8009f2155c8af032ce0f6f7630c99
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
ea2c8fa20a3dd7631675c4851634bc1461c03ba6c230ed1bef3bea63fe7d2ec4
ea4020fe1a3994f9b537477ac8179eb2208a86167475b67d6c9fe9e223d5eb37
eaa408819ad2a043ff8ef66310dbc057e3d475ce9ad4e3725f10e9830946248d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efed5f1fba8d90b12413c041f7226236d1490ad3ec5dc31dda20b106b7ed9105
f0d048495f4eeff7908273d9f91b21ec4ba964852bef0f2f82ba6d519307fd77
f45c228fb662ea29234c9fd33a73ebfe5ef856039db28e7f28d0c5c311111897
f4645368232bbdb526bd07d4e92069248c4988a5b494462367be07364a0afdca
f6c7b942534073b515422ee31f99039fc64e342824be30d312a953efdfbcdba3
f87e7f769858b5961c941c0c1bab0cb6ae295f5c44f629e42d06499120bbd7af
fd2ab4fd8d6e1cb9dffef21dab155f61d943816c9753bdcc48e2852d1ca970f1
fdf9185099dcffc0cebf9d00447451ff06531c039e154551068b06fe6115ba39
ffe4f3d33edef090e999754eef7d35fb78fbbde27a6507e930f9291b9435d9f7

portal.tds.net Open in urlscan Pro 132.226.38.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

92 %HTTPS

46 %IPv6

39 Domains

62 Subdomains

54 IPs

8 Countries

3281 kBTransfer

8621 kBSize

30 Cookies

17 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portal.tds.net Open in urlscan Pro
132.226.38.239 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

92 %
HTTPS

46 %
IPv6

39
Domains

62
Subdomains

54
IPs

8
Countries

3281 kB
Transfer

8621 kB
Size

30
Cookies

153 HTTP transactions
4 data transactions