trfnews.i234.me Open in urlscan Pro
184.99.181.52 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Submission: On January 24 via manual (January 24th 2023, 10:21:46 pm UTC) from CA — Scanned from DE

Summary HTTP 246 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 50 domains to perform 246 HTTP transactions. The main IP is 184.99.181.52, located in Fargo, United States and belongs to CENTURYLINK-US-LEGACY-QWEST, US. The main domain is trfnews.i234.me.

This is the only time trfnews.i234.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	184.99.181.52 184.99.181.52	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
2	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	167.71.57.196 167.71.57.196	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	64.225.42.52 64.225.42.52	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
3	64.227.60.121 64.227.60.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 22	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee	16509 (AMAZON-02) (AMAZON-02)
5 5	216.52.2.19 216.52.2.19	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6 6	3.68.24.7 3.68.24.7	16509 (AMAZON-02) (AMAZON-02)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	3.65.84.173 3.65.84.173	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	35.176.33.61 35.176.33.61	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
6 6	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
6 6	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
2 3	23.67.134.223 23.67.134.223	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.30 13.225.78.30	16509 (AMAZON-02) (AMAZON-02)
2	3.10.236.156 3.10.236.156	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	() ()
25	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	() ()
1	2a03:2880:f00... 2a03:2880:f00a:11c:face:b00c:0:3	() ()
1	2a03:2880:f00... 2a03:2880:f00a:e:face:b00c:0:3	() ()
246	53

48 184.99.181.52 (Fargo, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)
PTR: 184-99-181-52.frgo.qwest.net

trfnews.i234.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.71.57.196 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.225.42.52 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bot.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.227.60.121 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

analytics.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.251.39.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.52.2.19 (United States) 5 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.68.24.7 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-24-7.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.84.173 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-84-173.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.33.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.180.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 84.200.5.215 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.67.134.223 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-30.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.236.156 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-236-156.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a03:2880:f083:100:face:b00c:0:3 (None, )

ASN- ()

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f00a:11c:face:b00c:0:3 (None, )

ASN- ()

scontent-arn2-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f00a:e:face:b00c:0:3 (None, )

ASN- ()

scontent-arn2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	i234.me trfnews.i234.me	618 KB
44	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 210 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 ad.doubleclick.net — Cisco Umbrella Rank: 192	56 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	1 MB
27	fbcdn.net static.xx.fbcdn.net scontent-arn2-2.xx.fbcdn.net scontent-arn2-1.xx.fbcdn.net	562 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	236 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	892 KB
7	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 34179 hal900014.redintelligence.net — Cisco Umbrella Rank: 327133	53 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	16 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	127 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 276	3 KB
6	webpushr.com cdn.webpushr.com — Cisco Umbrella Rank: 27145 bot.webpushr.com — Cisco Umbrella Rank: 47902 analytics.webpushr.com — Cisco Umbrella Rank: 35082	30 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 jnn-pa.googleapis.com — Cisco Umbrella Rank: 188	33 KB
5	lijit.com 5 redirects ap.lijit.com — Cisco Umbrella Rank: 595	3 KB
5	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 4501 sync.mathtag.com — Cisco Umbrella Rank: 453 pixel.mathtag.com — Cisco Umbrella Rank: 972	4 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 721 r.turn.com — Cisco Umbrella Rank: 3102	2 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22 region1.google-analytics.com — Cisco Umbrella Rank: 2439	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	216 KB
3	facebook.com www.facebook.com	29 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18712 api.webgains.io — Cisco Umbrella Rank: 49878	31 KB
3	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15193	2 KB
3	lead-alliance.net 3 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70051	1 KB
3	telefonica-partner.de 3 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 72059	771 B
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 47464 medialead.de — Cisco Umbrella Rank: 47044	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	144 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 59631	961 B
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 80790	3 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 102502	6 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 521	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 689	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31333	1011 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8470	957 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056	3 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 691	340 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	465 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1808	173 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 106543	1 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 97044	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 40045	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 160348	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 131376	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46272	606 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 954	577 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	587 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 788	714 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2725	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	693 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 90	256 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 233	4 KB
246	50

	Domain	Requested by
48	trfnews.i234.me	trfnews.i234.me www.youtube.com
25	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
22	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com trfnews.i234.me
12	assets.ad4m.at	as.ad4m.at
10	www.youtube.com	trfnews.i234.me www.youtube.com
10	pagead2.googlesyndication.com	trfnews.i234.me pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	ad.doubleclick.net	6 redirects
6	x.bidswitch.net	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	ap.lijit.com	5 redirects
5	www.google.com	www.youtube.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	hal9000.redintelligence.net	trfnews.i234.me hal900014.redintelligence.net
4	jnn-pa.googleapis.com	www.youtube.com
4	www.googletagmanager.com	trfnews.i234.me www.googletagmanager.com adv.office-partner.de
3	www.facebook.com	trfnews.i234.me static.xx.fbcdn.net
3	www.awin1.com	2 redirects as.ad4m.at
3	www.lead-alliance.net	3 redirects
3	www.telefonica-partner.de	3 redirects
3	hal900014.redintelligence.net	hal9000.redintelligence.net hal900014.redintelligence.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	analytics.webpushr.com	cdn.webpushr.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com trfnews.i234.me
2	api.webgains.io	analytics.webgains.io
2	www.conrad.de	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	sync.1rx.io	2 redirects
2	pm.w55c.net	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	prod-rtb.ad4mat.net	trfnews.i234.me
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.webpushr.com	trfnews.i234.me
2	fonts.googleapis.com	trfnews.i234.me hal900014.redintelligence.net
1	scontent-arn2-1.xx.fbcdn.net	www.facebook.com
1	scontent-arn2-2.xx.fbcdn.net	www.facebook.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	partner.blau.de	as.ad4m.at
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	trfnews.i234.me
1	futalis.de	hal900014.redintelligence.net
1	adv.office-partner.de	hal900014.redintelligence.net
1	pb.media01.eu	hal900014.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	sync.targeting.unrulymedia.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	bot.webpushr.com	cdn.webpushr.com
1	region1.google-analytics.com	www.googletagmanager.com
246	71

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
pinterest.com
www.webpushr.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
trfnews.i234.me R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.webpushr.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-05-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.futalis.de R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-03` - `2023-02-01`	3 months	crt.sh

This page contains 32 frames:

Primary Page: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Frame ID: 5D161E89D0D1E3E37EEDC844DF4A52B0
Requests: 84 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
Frame ID: 800E47D6C28CE2BBDE24C4470D6FBAFE
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230119/r20190131/zrt_lookup.html
Frame ID: 241D6003F48AAAE624CADA9FEDEA5FC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=208453893&adf=1183505835&pi=t.ma~as.6622280029&w=728&lmt=1674598901&format=728x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900893&bpp=4&bdt=2092&idt=389&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&correlator=4505641949155&frm=20&pv=2&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GDlTzrwOWN&p=http%3A//trfnews.i234.me&dtd=416
Frame ID: 4735053C1CB2EFC844667896E4CD9F71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&adk=1812271804&adf=3025194257&lmt=1674598901&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&ea=0&pra=7&wgl=1&dt=1674598900897&bpp=3&bdt=2096&idt=421&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=434
Frame ID: 96FD1814A8C3F50357F013106481562E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=297702279&adf=196230953&pi=t.ma~as.6622280029&w=468&lmt=1674598901&format=468x60&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900900&bpp=1&bdt=2099&idt=434&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=380&ady=1086&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5bb6LphXFf&p=http%3A//trfnews.i234.me&dtd=437
Frame ID: 556BB11BF0B7A48C774E78ABC37A4511
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=297702279&adf=3484958483&pi=t.ma~as.6622280029&w=468&lmt=1674598901&format=468x60&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900901&bpp=1&bdt=2100&idt=440&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=380&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=oR8pdkdEMN&p=http%3A//trfnews.i234.me&dtd=443
Frame ID: EC64F01F2BAD073F2EE0348E34D892A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&slotname=6622280029&adk=2208689566&adf=3262530445&pi=t.ma~as.6622280029&w=300&lmt=1674598901&format=300x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900902&bpp=1&bdt=2101&idt=443&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=aOvolXzvJS&p=http%3A//trfnews.i234.me&dtd=446
Frame ID: D389BAC5E80FA7379E01BE7BD129880F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1674598901&format=728x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900903&bpp=1&bdt=2102&idt=450&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=2346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=sysS1vT2tO&p=http%3A//trfnews.i234.me&dtd=453
Frame ID: 55CB6790AA9599422EA5C3737192934D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&adk=4246380789&adf=2745757192&pi=t.aa~a.1673028110~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=324x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=2&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=TCEMjJG82W&p=http%3A//trfnews.i234.me&dtd=7
Frame ID: BCF20B03373DF13565AD807FFF57DD32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Frame ID: 522AC657EE0C3F197338D77C2BBB5FFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=2743202993&adf=3116027668&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2937&idt=0&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250%2C1200x90&nras=4&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=62rr2AaK1P&p=http%3A//trfnews.i234.me&dtd=30
Frame ID: 9C2CE21F2A6164F994384C5F50A12194
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 18F3006092B919710B876AFA2411CEDA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC29B5F6079C7D1B7B1656255C1BB3D9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CdEG19VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSVAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTM5GjH9HTRh1MzJkgeaTmJbT8x6fXEBNY5zvp20j1Pg2_Mj9OnZOABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=-AbbmL-a2qw&uach_m=[UACH]&cid=CAQSKQDUE5ymFmtJ21n6XLX3hiFsXN-K1xCp7gQrbrzgt1CMstZXLL626-8pGAEgEw&tpd=AGWhJmv1vjClyqHDOGojsJZAg66l7x-Xp4AfpZ--iEFf4izSvuUJJc7nEMUHdFPvlUQ-i2IT9CYhQaDL6JNgvSGhSix-OTYbHq19ZkesQe2Hh7MEf3d2MasTQO5rivkrGrMYC_KIG664P9cahQRuGu_sGWyqyIMUZQasxQClgFHHGKjxtu9jglcpm55sVuw4O---2LPmvMSdLg47DMguB7o6hPSXiQE4mjU_hiPF5TvshZmgv8CnSfVpM7VrR6YS7UaAyuZ5osXVA_MNhiHD6FXGAGDKHYjHpJ6PtFTzJtAii4MT0TAmrnEKZUpetqtBGdjIL8kwzvN4NrNrxDBWWlc_qmDKu9oOOUYXQsHIfkG_B8LgD0dtWniydAD12vCQvM5w0vmukG-zGJaZ8o0h22DN29o7fYgFreBUZFrxcOVqD0WiElRvz3Mf9IzaS-WSNtE02PLZUY7FuL-fUCrmGCbsPshMQ5dlw1masanLvTXci8xFSMHleammVGFLHbs9-MB6B9lccEzSrjL_NFWHTmZXbXzdVIAbd7CEyBPsC4jvzYNx8BLHLn0drHTsNCuvmDVCYR7axIw51eI55x0v5kFkbe0FZmfGDYWJv5BdKVJ9S-RtFDOzXsi-WqI4Ijtj9afLXp7Pj2BVrZHgK-ZgoujdsAWh3HSTvES6yUUrIGbPfnN1pNpvW49MbL0HJRUeXRGdnGMOggT_v_D_VxrmVtz6ajWcYfi0wAXM9oEjHkvWn6uO0GEJZcPNMXU4k30LRYYPncfqXExrKy64G53-sd4TTYy6wIV0darlfvKEoLHH9kFomLKSq7NGSBLfLrp2bc0ZjKE0zgwmUB6dqCLSbLM_CxwlJBw1U0fMESjdYLVUv3HMhNcUGZx2ZByUd9REWtC6N8YFVTxVBkHg1thRY03PuSWVaN08WZIdKq-ldZuAI_puB80r__Oz8_VBdTlsXTgZarD08O0NFNhRpNbIV_5r-wLBYyu_IbXHZ91-YMkbXz-X2KTmBrp2mPEX2TstmdXevJMxVNnyc7OEh7AWElmkDYpFiH_nUqPHqlBrbRlJcyGecm8WCYxiXysz-qxuoYkQC3jFIMoIAmVnhqsZWK22QIRs9yllVmdEfSlSAprrcwe6uzgQ
Frame ID: 368C8098AABDFE05789DA90DA1DBF0F3
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CvVgd9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoElQJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmCj13CFnyW78cAwqCyJCEwTnVfOFMgBfa0h9qY1PQ_4O0SGGJt3QgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=8TpcOLfUEVw&uach_m=[UACH]&cid=CAQSKQDUE5ym4dnNa5BuQ6FWRQESuwNVIuGSJ28cGnTo3LPdvX_tFQmkRuKAGAEgEw
Frame ID: B0ABCF0C85CB6D8DC9063DA996D8ED22
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g1h6m3q9haac9e57z4kxajjf6smfzg7cw0d0apza7q3g2xmw5md2fs9ns3tr1h4y5eptsgs4bz52s696jc8r1bapwa13mtf94ec9bjwh5cjx5rm3j4xmc2bfbn4nj5gdgg58jfz9kpj132kq88bcar3ts1cs3m0094w8hmeqbd3bxf0y3stg5dz9fv1ezc3dtk4csxvnq8atj4k6mera54r42ey6cz57eaj8paawmjs0bryxpk0x5t5fjx0abvj7301p8e0wbywz5ggrchxmzftdp5063tje02vh7q5ef05sqjg11kz0rehq6ax5wy3gfhd458t97z34swk2k3spvvw7jm4604e3nw8v9wmdj89fscdksx5wk5pcwv4ewgfzk92nn6gmth5d8nm4kzzbt3fp6pe3zbq9sm6mstj4xqxf0f1ac2de&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%26client%3Dca-pub-3868038712334580%26adurl%3D
Frame ID: CBEBDC7C2CA7A4262D7D218DEC9AE1DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 294BFDC4878206731D0AF2267B07CDA9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CyILC9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJUCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32F0Ay4oz5iTItYNiIcL7P40OOpW_P4Cz85IImXsQUH9fr5Mi2yH6oAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzg2ODAzODcxMjMzNDU4MBgA&sigh=Uq7jOL_74H8&uach_m=[UACH]&cid=CAQSKQDUE5yme5atLiDvTAXKwvhBw9R2iXSGsw4acwdxzcbe2br69dIXLeo_GAEgEw
Frame ID: EC1808D227A6A85D1D9AA844D7A3E324
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gt9zqt9v3jg75hsrdypvh0ks02g2f64dh7q4evp9f31tpr1yv84veeqfg9pswn9hf8qpzskyxjvhdx9djvf8frrj530j9zkxpgb22pe8bjc2g6kmc41m86tatsd15gnnhmzdxwa0h5cvzwr0tzv9rb8893hg5b3m86yr4jymg7k54jh06vtw51xzwxntnhs4zd9bvvcp9ff4v2ky4t6z775rm3kdn77nyby9rbw03q4qttc04tv3v0geb3phhxjgyktg07efdpnq6bgtf9wrqfy64h34tqw7fqm62ayfta2sdwxvw39j812nqvfjr258g1ngz3ajdjdznr05hqnygav338v3r6gxavcgpcv4wtzptectwntm3fy52hjeqdcsvdfagyfazyj2mt8v9mfxh26g9c5vcyyxe1ma8c3q1q04k0kgb1bdpwzaecb6n3ktankvajc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%26client%3Dca-pub-3868038712334580%26adurl%3D
Frame ID: 8402762796AE00350B9FB53613B0ECB2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 14AEF7AE8869FEA0A72AC933C3FBEEBF
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AFEA89903CCEC689069C39D11C1F19DA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8EE9F3C65FCD89F7B7C28D73AA969D64
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Frame ID: 331F77C3D7D40FBBBB37578A1A2753FC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Frame ID: 48E39BEA3A6460907EA9A1966F0F8CC6
Requests: 11 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75005700274460200951389012214014&actionid=981741&produktid=&dt_url=
Frame ID: E766CA135E3B5BAE4B9708F74468AA37
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E7B6C5B6EA4D937A5ED90CA9B2524F30
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2134976655
Frame ID: 829725EE6696837E197EDCAEB6708C83
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
Frame ID: 3D51E8EB12AD8BB996048A5F1C1A374D
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A508DDE2AAF82CA261C70287F1E12702
Requests: 9 HTTP requests in this frame

Frame: http://trfnews.i234.me/wordpress/wp-admin/admin-ajax.php?action=likeboxfrontend&
Frame ID: D04603C0E93F34D2B4C3D5CDBE8C854C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv11.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26container_width%3D500%26width%3D500%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTRFNEWSs%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26tabs%3Dfalse%26small_header%3Dfalse
Frame ID: ED578F04DF1D016305BDD113E17B52C2
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baudette-Rainy River Bridge Completed - TRF News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

246
Requests

69 %
HTTPS

47 %
IPv6

50
Domains

71
Subdomains

53
IPs

8
Countries

4532 kB
Transfer

11944 kB
Size

44
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TRFNEWSs

Search URL Search Domain Scan URL

URL: https://twitter.com/thiefriverfallz

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmzdqAKg-O4C4Ghh7fLTaDw

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Baudette-Rainy+River+Bridge+Completed&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&via=TRF+News
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/&media=http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/Baudette-Rainy-River-Bridge-Completed.jpg?v=1673931065&description=Baudette-Rainy+River+Bridge+Completed
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://twitter.com/ThiefRiverFallz
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.webpushr.com/
Title: Webpushr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 139

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGj1bmP117XwRjRazjrsVS4&google_cver=1&google_push=Aa02lx-w-6bOXEkGTrz8UnlnEQv1JGuu6BYDaGJ60neOigt1Zrp1HxJsUba0KP79DQxodCMnN_-Dtk_U7KP_hHehSvpWS7gnHqYdWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-w-6bOXEkGTrz8UnlnEQv1JGuu6BYDaGJ60neOigt1Zrp1HxJsUba0KP79DQxodCMnN_-Dtk_U7KP_hHehSvpWS7gnHqYdWg

Request Chain 140

https://um.simpli.fi/gp_match?google_gid=CAESEN4ADrLA7cTsD0bI99hXXAc&google_cver=1&google_push=Aa02lx8ZkC95YR4Z02PI5hfIkmfm3ZT4tZe3LH2F25QaYcd6OheCL1YPjJ8pMvwr_CcViikk7NKno8kxW0gAgoKI7J7oJB9oGMyH-g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B074A76C45A4E14BB69B84FA05490DB&google_push=Aa02lx8ZkC95YR4Z02PI5hfIkmfm3ZT4tZe3LH2F25QaYcd6OheCL1YPjJ8pMvwr_CcViikk7NKno8kxW0gAgoKI7J7oJB9oGMyH-g

Request Chain 141

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHQpq_gHvPflJ50gzNBvz1s&google_cver=1&google_push=Aa02lx8zHmy0uxksZ5ITysVmBYzsL1FuhaBMlcHOObF4dubiKe5UhB-nPddSmM_UpWQVS56QmfdHgZahQ1fIpuXigbdWYT0rCGChPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8zHmy0uxksZ5ITysVmBYzsL1FuhaBMlcHOObF4dubiKe5UhB-nPddSmM_UpWQVS56QmfdHgZahQ1fIpuXigbdWYT0rCGChPw&google_hm=wOZRIGcYQgetWnN4RXYcqaQ

Request Chain 142

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPE8XU5x_KR3BMTcKw9P4gU&google_cver=1&google_push=Aa02lx_8qZ4m6XE5OISQZY1EaB5F96Lu4ZGS18Ogk5iqU4EiU-D0KC94fycsun_06mp7dTV1_fO3igu-GHd1ngmJe3HAPcsRQXAa1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_8qZ4m6XE5OISQZY1EaB5F96Lu4ZGS18Ogk5iqU4EiU-D0KC94fycsun_06mp7dTV1_fO3igu-GHd1ngmJe3HAPcsRQXAa1w&google_hm=eS1DU3NLdnNCRTJwRkdXMEc2YnRIV3NPdDg4SXV1T1hSLn5B

Request Chain 143

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHzovpFmKnHupaHx6pQmHL0&google_cver=1&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJyEkwEyw31rIC HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHzovpFmKnHupaHx6pQmHL0&google_cver=1&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJyEkwEyw31rIC&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJyEkwEyw31rIC&google_hm=GCsdsGZHK5QPgfk7SOGuA8_Z

Request Chain 144

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEL16rL92PK1cQhTf7NIJhwo&google_cver=1&google_push=Aa02lx93f4cDfLu2xsZh0GAWnvKtyRPKAnglfPi0nf7db2WOkSQTl-DOdoz2vU9BUbr1oSI5WJopgYOq-xyWqQIAbKxiHdxn3Aws1ng HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEL16rL92PK1cQhTf7NIJhwo&google_cver=1&google_push=Aa02lx93f4cDfLu2xsZh0GAWnvKtyRPKAnglfPi0nf7db2WOkSQTl-DOdoz2vU9BUbr1oSI5WJopgYOq-xyWqQIAbKxiHdxn3Aws1ng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

Request Chain 151

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1&google_push=Aa02lx_7bsyrtoOTTGNfaszfxZwKnNKYNiLmzlnlx_1WKFV8ooc_YUlVEQ0gjipL7vWMIq3uRV8asQ4x83j9uRHyBvHK6Yb0s3PnABfi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYwMTA5OTUyMjUwMzkyMDA4OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1

Request Chain 152

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cver=1&google_push=Aa02lx_oeWwNLEwfOurl24Vn39WW6bQdKC1HvWRSacHcvFhdun-K4JWWp8XcNlVqerji7tu4TDvjfNT8lZ-1kOy63CA1XhAOFpEFsgA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cver=1&google_push=Aa02lx_oeWwNLEwfOurl24Vn39WW6bQdKC1HvWRSacHcvFhdun-K4JWWp8XcNlVqerji7tu4TDvjfNT8lZ-1kOy63CA1XhAOFpEFsgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjQxUWVyamsxUGtyRkk1&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cver=1&google_push=Aa02lx_oeWwNLEwfOurl24Vn39WW6bQdKC1HvWRSacHcvFhdun-K4JWWp8XcNlVqerji7tu4TDvjfNT8lZ-1kOy63CA1XhAOFpEFsgA

Request Chain 153

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENXHKDct4Kvuzor-HuqJz30&google_cver=1&google_push=Aa02lx-U2paRtY-00zEyhOQfjOpny9ywD0EkqTlVFscCpJMAIWVrFa-1xU-3MCyA5jGa8YgWgeA6Z_ecUIK0iv33a0u1fCb8HE6Hz49A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-U2paRtY-00zEyhOQfjOpny9ywD0EkqTlVFscCpJMAIWVrFa-1xU-3MCyA5jGa8YgWgeA6Z_ecUIK0iv33a0u1fCb8HE6Hz49A&google_hm=PT73_110RJijwsH-iVT3kKQ

Request Chain 154

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH_4KtgKouAXLeppTWWeuF8&google_cver=1&google_push=Aa02lx8_NccT6y2vJFc1Sbkd2a3poRV88Wp6yEpGi0FQUYDO_0lxhrW_8cOzhs3TPRAKuvyAl9gAUZK4ds-iRa_BJN0EaTk84uwI4Z0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MjM0NzUxODAxMjU1MzM2Mg%3D%3D&google_push=Aa02lx8_NccT6y2vJFc1Sbkd2a3poRV88Wp6yEpGi0FQUYDO_0lxhrW_8cOzhs3TPRAKuvyAl9gAUZK4ds-iRa_BJN0EaTk84uwI4Z0

Request Chain 155

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPQB7XA5p2EYHUKZl-5BA-Y&google_cver=1&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna09ktbgm688UO8tM HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPQB7XA5p2EYHUKZl-5BA-Y&google_cver=1&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna09ktbgm688UO8tM&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna09ktbgm688UO8tM&google_hm=GCsdsGZHSUnWlySARBKS2qsD

Request Chain 156

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENUG2m-OCcYEsbGOhEZ_LcI&google_cver=1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1674598902186 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-bd326787-3b17-4954-b481-d40961a6cb4d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps%26google_hm%3DA70yZ4c7F0lUtIHUCWGmy00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps&google_hm=A70yZ4c7F0lUtIHUCWGmy00

Request Chain 157

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDWlbNm8eVXnwJQXclwBnV0&google_cver=1&google_push=Aa02lx-jo9g2Q9igoizk0lvdCP3p_MJQ4JaAHdwD1k8aqzFTAPXlsCMsZZescl9_E8975Cd9WdKHxfkDMyjJzsuVArvyAj4TdJ5pf-1mlg HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDWlbNm8eVXnwJQXclwBnV0&google_cver=1&google_push=Aa02lx-jo9g2Q9igoizk0lvdCP3p_MJQ4JaAHdwD1k8aqzFTAPXlsCMsZZescl9_E8975Cd9WdKHxfkDMyjJzsuVArvyAj4TdJ5pf-1mlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

Request Chain 174

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=75005700274460200951389012214014&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75005700274460200951389012214014&actionid=981741&produktid=&dt_url=

Request Chain 176

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=75005700274460200951389012214014&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2134976655

Request Chain 179

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75005700274460200951389012214014 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75005700274460200951389012214014 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 185

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPq054Wf4fwCFVHvEQgddg0Ibg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

Request Chain 188

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab44e30-9c35-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 195

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CO-354Wf4fwCFViVdwodyeYBFw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218

Request Chain 198

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMy554Wf4fwCFauSdwodvQ8BIQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012423214280841840391X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 201

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab67110-9c35-11ed-a333-22367016dc88&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 206

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP8_oxdzPn-6sJNX8DHZDo8&google_cver=1&google_push=Aa02lx8Ikwi5VC8fqd10TCfyFpCFC1bvcPy1MBXH8GtdwjNIbglcw7QQHKeTuTigZPGHL_sFThub_TPMw_-gc-B6ByulniALdM53OYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyOTA0MTkyODQ2NTk5MjE1Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1

Request Chain 208

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMpecCAIuMO68FWf8pjGrTU&google_cver=1&google_push=Aa02lx_dN2JsOpPj_HCFbrUGFMlMmasyBbKx0O5cT_Xb5CqCv4Rj2A_ojKVlTzDLCWUknYwTL5x-LRZO0fZZGIMtuhxXp71-7IbRLJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dN2JsOpPj_HCFbrUGFMlMmasyBbKx0O5cT_Xb5CqCv4Rj2A_ojKVlTzDLCWUknYwTL5x-LRZO0fZZGIMtuhxXp71-7IbRLJA&google_hm=eS1DU3NLdnNCRTJwRkdXMEc2YnRIV3NPdDg4SXV1T1hSLn5B

Request Chain 209

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI5IH_FAimGT5VExCN7yNd0&google_cver=1&google_push=Aa02lx8FJfFIWAUC6RZcYI_yv2YR3PGorUB-nAzV2kZzUhEkXtGLXCthsUZ8zFlYySxOX3-HrBUf9ZEvr-gE9JQZ-gOTf76uU1_lxwv0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERBU1k2UjQtMjQtQlhJMA==&google_push=Aa02lx8FJfFIWAUC6RZcYI_yv2YR3PGorUB-nAzV2kZzUhEkXtGLXCthsUZ8zFlYySxOX3-HrBUf9ZEvr-gE9JQZ-gOTf76uU1_lxwv0

Request Chain 210

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHYHGHji9vBesNsEmcQJpsw&google_cver=1&google_push=Aa02lx-f89mJg3Y7ywAfmCVvCGRgdrCO9OSx9CMRZXe111euYFo0VWshrzkDxL6IKIe-UrACs2rD9dpqEz6ezVEMcZuGb8ZirjRO7SkL HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f89mJg3Y7ywAfmCVvCGRgdrCO9OSx9CMRZXe111euYFo0VWshrzkDxL6IKIe-UrACs2rD9dpqEz6ezVEMcZuGb8ZirjRO7SkL&google_hm=GCsdsGZHSUnWlySARBKS2qsD

Request Chain 211

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFSNe6msdgmUNaX54Ir1kuo&google_cver=1&google_push=Aa02lx-XZ61aEWuq4_9guL2m_6XeD1eV31oa9RrImftuifnqQt6GrNOiqnKX53Of8BIunOZGkWo4R24Nb_VbjJ5cq-ru4xphesO5KmMm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-XZ61aEWuq4_9guL2m_6XeD1eV31oa9RrImftuifnqQt6GrNOiqnKX53Of8BIunOZGkWo4R24Nb_VbjJ5cq-ru4xphesO5KmMm

Request Chain 212

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF6lPvgyWwh7JoQf1ycY-y4&google_cver=1&google_push=Aa02lx8CRVkrsrrPKx1x_kTwz4PpoOs_Dg7KjM9JUXY3bja7PnK84UBMHh9w7NzZV2mR7sA8Tj4H5Xa5QS6ADBA_8UMFVCeTX8xlRozwLw HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF6lPvgyWwh7JoQf1ycY-y4&google_cver=1&google_push=Aa02lx8CRVkrsrrPKx1x_kTwz4PpoOs_Dg7KjM9JUXY3bja7PnK84UBMHh9w7NzZV2mR7sA8Tj4H5Xa5QS6ADBA_8UMFVCeTX8xlRozwLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

Request Chain 226

http://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false HTTP 307
https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false

246 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/ 216 KB
37 KB 1864ms
1601ms Document
text/html 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: aec8b3d14783541065cc999de52771d8d7711289df8f9c551860e43ebd7acf30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 36984
Content-Type: text/html; charset=UTF-8
Date: Tue, 24 Jan 2023 22:21:38 GMT
Keep-Alive: timeout=20
Link: <http://trfnews.i234.me/wordpress/wp-json/>; rel="https://api.w.org/", <http://trfnews.i234.me/wordpress/wp-json/wp/v2/posts/19159>; rel="alternate"; type="application/json", <http://trfnews.i234.me/wordpress/?p=19159>; rel=shortlink
Server: nginx
Vary: Accept-Encoding,User-Agent
X-Pingback: http://trfnews.i234.me/wordpress/xmlrpc.php

GET
H/1.1 200
OK style.min.css
trfnews.i234.me/wordpress/wp-includes/css/dist/block-library/ 79 KB
13 KB 156ms
155ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "13abe-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 13104

GET
H/1.1 200
OK style.css
trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/gutenberg/ 4 KB
2 KB 308ms
150ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/gutenberg/style.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 46111721e69ab666ec62df8f6c38bb407411f6da8a5439eb21dd2b2160bcfcaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Sep 2021 14:07:33 GMT
Server: nginx
ETag: "f30-5cb17d2261a00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1303

GET
H/1.1 200
OK styles.css
trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 309ms
150ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 09:28:39 GMT
Server: nginx
ETag: "aab-5df59ffb9bfc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1034

GET
H/1.1 200
OK wp-automatic.css
trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/css/ 3 KB
1 KB 307ms
149ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 19:29:16 GMT
Server: nginx
ETag: "a99-5f2a2f2d9419a-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 712

GET
H/1.1 200
OK screen.min.css
trfnews.i234.me/wordpress/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 308ms
150ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.43
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Jan 2023 13:49:12 GMT
Server: nginx
ETag: "15f8-5f2257fa0073b-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1641

GET
H/1.1 200
OK style.css
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
6 KB 313ms
154ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=969f3bb4333afe45565e713582b6de14
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:24:38 GMT
Server: nginx
ETag: "92ec-5f1d3033ecad8-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 5958

GET
H/1.1 200
OK css
fonts.googleapis.com/ 15 KB
2 KB 122ms
73ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.2

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

HTTP/1.1

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2de45ef610b6c9a8d7afd2f408e625379ff3b6b73bf53d09c3850600c7447f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Tue, 24 Jan 2023 22:21:38 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 24 Jan 2023 22:21:38 GMT

GET
H/1.1 200
OK style.css
trfnews.i234.me/wordpress/wp-content/themes/Newspaper/ 149 KB
31 KB 456ms
152ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/style.css?ver=12.2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 99b17728d81082e7a6e0f8ed2f61b8bb249f1b08c8fe07e9503c18f12a8d797e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:24:10 GMT
Server: nginx
ETag: "25410-5f1d3019963b0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 31409

GET
H/1.1 200
OK td_legacy_main.css
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 161 KB
30 KB 467ms
158ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=969f3bb4333afe45565e713582b6de14
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 690b96d2559591f91a037476ec10a31fa8c92fcccd97dd48136223cfb70e6299

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:24:34 GMT
Server: nginx
ETag: "28238-5f1d303012239-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 30458

GET
H/1.1 200
OK td_standard_pack_main.css
trfnews.i234.me/wordpress/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
85 KB 474ms
166ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=7b24cfa58e9ab053c98d141038fd6ac7
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:25:50 GMT
Server: nginx
ETag: "b2d2a-5f1d3078bb8f3-gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20

GET
H/1.1 200
OK demo_style.css
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/ 4 KB
1 KB 464ms
155ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/magazine/demo_style.css?ver=12.2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: ffe72da830df829bce216164b9feb9f2a6b2f5273dbcbe64f27d00cab07e598c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:24:36 GMT
Server: nginx
ETag: "ec6-5f1d303221388-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1118

GET
H/1.1 200
OK tdb_main.css
trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/css/ 34 KB
7 KB 466ms
158ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=f41b1d596d81a0ab113b1f85139ed2c2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:25:05 GMT
Server: nginx
ETag: "882f-5f1d304d69d8e-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 6977

GET
H/1.1 200
OK jquery.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/jquery/ 87 KB
34 KB 763ms
151ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "15db1-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 34792

GET
H/1.1 200
OK jquery-migrate.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/jquery/ 11 KB
5 KB 775ms
161ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "2bd8-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4453

GET
H/1.1 200
OK main-front.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/js/ 1017 B
729 B 776ms
156ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 19:29:16 GMT
Server: nginx
ETag: "3f9-5f2a2f2da3f7f-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 393

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 258ms
88ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NW06L14YXV

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633570f8cb96f77167e187df7ca6337911c99e7438badbbcf5abcb69be0f5e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Jan 2023 22:21:39 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 18 KB
6 KB 150ms
150ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "4705-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 5516

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 246ms
77ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129116107-3

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fbdaf967f812a4d7a57617af52ece375d698ec094a4be506b02b83c9ac3e9ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44033
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Jan 2023 22:21:39 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
52 KB 142ms
94ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

HTTP/1.1

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5020e220905d0e2ce4b65074c2ceb47afdb96ec557fd3d328d7cb1197ec00396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52715
X-XSS-Protection: 0
Server: cafe
ETag: 12524394812851840050
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 24 Jan 2023 22:21:39 GMT

GET
H/1.1 200
OK effects.css
trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/style/ 51 KB
5 KB 453ms
294ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/style/effects.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 2b237f159651404325b27d766fb06380344fcf90ad1150e787c5e566d328edd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 May 2017 01:01:20 GMT
Server: nginx
ETag: "ca5c-54e6bf60bf800-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4492

GET
H/1.1 200
OK style.css
trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/style/ 861 B
720 B 459ms
149ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/style/style.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: e62493168262b5794ae612b072600be84f26722e10b257c0cb62d757045c9e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jul 2017 20:36:41 GMT
Server: nginx
ETag: "35d-553c030d4f410-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 398

GET
H/1.1 200
OK dashicons.min.css
trfnews.i234.me/wordpress/wp-includes/css/ 58 KB
36 KB 470ms
156ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/css/dashicons.min.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "e688-5df37fb5e2640-gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20

GET
H/1.1 200
OK thickbox.css
trfnews.i234.me/wordpress/wp-includes/js/thickbox/ 3 KB
1 KB 625ms
170ms Stylesheet
text/css 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/thickbox/thickbox.css?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "a63-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1008

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/ 6 KB
3 KB 662ms
150ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "1906-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2551

GET
H/1.1 200
OK wp-polyfill.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/ 16 KB
7 KB 769ms
147ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "4056-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 6559

GET
H/1.1 200
OK index.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 774ms
152ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 May 2022 09:28:39 GMT
Server: nginx
ETag: "25f8-5df59ffb9bfc0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 3532

GET
H/1.1 200
OK underscore.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 19 KB
8 KB 774ms
152ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "4a84-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 7922

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 794ms
169ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=f41b1d596d81a0ab113b1f85139ed2c2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:25:05 GMT
Server: nginx
ETag: "14e2-5f1d304d6e7c6-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2148

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/ 301 KB
84 KB 784ms
153ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:24:37 GMT
Server: nginx
ETag: "4b207-5f1d30337d5a8-gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20

GET
H/1.1 200
OK comment-reply.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 3 KB
2 KB 924ms
150ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "ba8-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1383

GET
H/1.1 200
OK smush-lazy-load.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 924ms
148ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Jan 2023 13:17:18 GMT
Server: nginx
ETag: "1ef2-5f261670d900d-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 3834

GET
H/1.1 200
OK js_files_for_front.min.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/ 183 KB
51 KB 948ms
154ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=f41b1d596d81a0ab113b1f85139ed2c2
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 195cc8d1cc568e2ad7f92ec4d0ce8fb785476f79d603a785c542ec16ceaacf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 11:25:05 GMT
Server: nginx
ETag: "2dcbf-5f1d304d6dff6-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 52133

GET
H/1.1 200
OK wp-embed.min.js Show response
trfnews.i234.me/wordpress/wp-includes/js/ 1 KB
1 KB 993ms
150ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "592-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 778

GET
H/1.1 200
OK front_end_js.js Show response
trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/javascript/ 6 KB
2 KB 1068ms
147ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/like-box-pro/includes/javascript/front_end_js.js?ver=5.8.3
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 70df2c6bf5eccf4aea0864cbe673cabddb35af2e0928a31ae7341abae3d646eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 10:22:56 GMT
Server: nginx
ETag: "19bd-5c580681c05d0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1915

GET
H/1.1 200
OK thickbox.js Show response
trfnews.i234.me/wordpress/wp-includes/js/thickbox/ 13 KB
5 KB 1075ms
151ms Script
application/javascript 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "338a-5df37fb5e2640-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4366

GET
H2 404 1.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2022/12/ 0
0 1054ms
738ms Image
text/html 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/1.jpg?v=1670241682
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK newspaper.woff
trfnews.i234.me/wordpress/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 164ms
150ms Font
font/x-woff 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/style.css?ver=12.2
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer: http://trfnews.i234.me/wordpress/wp-content/themes/Newspaper/style.css?ver=12.2
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Last-Modified: Mon, 09 Jan 2023 11:24:10 GMT
Server: nginx
ETag: "82d0-5f1d301924b58"
Vary: User-Agent
Content-Type: font/x-woff
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 33488

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 71ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 23 Jan 2023 18:05:24 GMT
X-Content-Type-Options: nosniff
Age: 101775
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15744
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 23 Jan 2024 18:05:24 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 15:29:47 GMT
X-Content-Type-Options: nosniff
Age: 283912
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15860
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 21 Jan 2024 15:29:47 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 800E 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK elements.png
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 345ms
150ms Image
image/png 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=969f3bb4333afe45565e713582b6de14
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=969f3bb4333afe45565e713582b6de14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Last-Modified: Mon, 09 Jan 2023 11:24:34 GMT
Server: nginx
ETag: "1035-5f1d30303589c"
Vary: User-Agent
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4149

GET
H2 404 13.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2022/12/ 0
0 846ms
571ms Image
text/html 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/13.jpg?v=1670241907
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK newspaper-icons.woff
trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
6 KB 231ms
147ms Font
font/x-woff 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=969f3bb4333afe45565e713582b6de14
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

Referer: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=969f3bb4333afe45565e713582b6de14
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:39 GMT
Last-Modified: Mon, 09 Jan 2023 11:24:34 GMT
Server: nginx
ETag: "1744-5f1d303014561"
Vary: User-Agent
Content-Type: font/x-woff
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 5956

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
45 KB 70ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 05:09:54 GMT
X-Content-Type-Options: nosniff
Age: 407505
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44856
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 20 Jan 2024 05:09:54 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 71ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=12.2

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 02:21:23 GMT
X-Content-Type-Options: nosniff
Age: 244816
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15920
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Mon, 22 Jan 2024 02:21:23 GMT

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230119/r20190131/ Frame 241D 10 KB
5 KB 127ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230119/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:48:07 GMT
etag: 10353107486223812946
expires: Tue, 07 Feb 2023 18:48:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 EDaFPnV2fxc Show response
www.youtube.com/embed/ Frame 800E 67 KB
28 KB 201ms
122ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a115fe3f8c7e9cbdb6849e07004e1c1d21df8d0bd2efb30b36eb6d24a947667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 34120428_1717002915020068_6653868136460189696_n.png
trfnews.i234.me/wordpress/wp-content/uploads/2022/12/ 42 KB
42 KB 155ms
151ms Image
image/png 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/34120428_1717002915020068_6653868136460189696_n.png
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 07eedabca3ad6616a40e1253b51c2b398db458c0d088217e663880cfdc4c96c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:39 GMT
last-modified: Sat, 03 Dec 2022 23:24:58 GMT
server: nginx
etag: "a6f5-5eef4c3407a17"
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 42741

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 77ms
76ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NW06L14YXV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129116107-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64c8917d3c849cbc944ec38711313efd82355f0abcadd5d5ab86c11dd0f452db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Jan 2023 22:21:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129116107-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 20:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6930
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 24 Jan 2023 22:26:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 53ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NW06L14YXV&gtm=2oe1n0&_p=178886225&cid=1578566782.1674598900&ul=en-us&sr=1600x1200&_s=1&sid=1674598899&sct=1&seg=0&dl=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&dt=Baudette-Rainy%20River%20Bridge%20Completed%20-%20TRF%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NW06L14YXV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://trfnews.i234.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 46ms
45ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=178886225&t=pageview&_s=1&dl=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&ul=en-us&de=UTF-8&dt=Baudette-Rainy%20River%20Bridge%20Completed%20-%20TRF%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1024272533&gjid=2138568034&cid=1578566782.1674598900&tid=UA-129116107-3&_gid=2138999625.1674598900&_r=1&_slc=1&gtm=2ou1n0&z=1194074242

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://trfnews.i234.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame 800E 360 KB
49 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:46:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 11:46:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 800E 15 KB
15 KB 124ms
44ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 10813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 800E 15 KB
16 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:59:48 GMT
x-content-type-options: nosniff
age: 12112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 24 Jan 2024 18:59:48 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 800E 342 KB
107 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 16:17:52 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 800E 2 MB
599 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:02:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 454761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612479
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:02:19 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 800E 9 KB
3 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 16:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Jan 2024 16:43:01 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=178886225&t=pageview&_s=2&dl=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&ul=en-us&de=UTF-8&dt=Baudette-Rainy%20River%20Bridge%20Completed%20-%20TRF%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1578566782.1674598900&tid=UA-129116107-3&_gid=2138999625.1674598900&gtm=2ou1n0&z=768435949

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 21:07:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4446
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.min.js Show response
cdn.webpushr.com/ 42 KB
12 KB 36ms
6ms Script
application/javascript 167.71.57.196
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webpushr.com/app.min.js
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.57.196 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 33963ee4b83b5c6dfe8a85b098f9d4494b85955de79ffa0e038bad24730b2d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
content-encoding: gzip
last-modified: Wed, 26 Oct 2022 21:41:57 GMT
server: nginx/1.16.1
etag: W/"6359a9a5-a92e"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
x-gg-cache-status: HIT, HIT
cache-control: max-age=86400
expires: Wed, 25 Jan 2023 22:21:40 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ 992 B
517 B 64ms
64ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 24 Jan 2023 22:21:40 GMT

GET
H/1.1 200
OK loadingAnimation.gif
trfnews.i234.me/wordpress/wp-includes/js/thickbox/ 15 KB
15 KB 158ms
157ms Image
image/gif 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:40 GMT
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "3b86-5df37fb5e2640"
Vary: User-Agent
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 15238

POST
H/1.1 200
OK get_info Show response
bot.webpushr.com/prompt/ 30 KB
9 KB 524ms
164ms Fetch
text/html 64.225.42.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.webpushr.com/prompt/get_info
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.225.42.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0a54e371c1e7e371d283d6e214097d2367e1dc7d7324292b3d4ff30a6094f762

Request headers

Referer: http://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 24 Jan 2023 22:21:40 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
X-Fastcgi-Cache: HIT
Access-Control-Allow-Origin: http://trfnews.i234.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
server_name: lookup4

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
61 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 20:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 20:22:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 800E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
46ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b8f2b9057459cc49ad9e57815844be1452347e6ea3c710eb90c1e048396f428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 22:21:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 800E 29 B
588 B 136ms
38ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:09:12 GMT
x-content-type-options: nosniff
age: 748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 22:24:12 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 142ms
46ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 22:21:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 800E 66 KB
30 KB 53ms
52ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fa1604030d5cb9558b680e018604c872987558fa9cfd5523c4f2b50240c72fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30971
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 800E 119 KB
37 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 17:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 363935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37359
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Jan 2024 17:16:05 GMT

GET
H2 200 wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js Show response
www.google.com/js/th/ Frame 800E 36 KB
14 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 452214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 16:44:46 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 800E 26 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 454743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8398
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:02:37 GMT

GET
DATA 200
OK truncated
/ Frame 800E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJVVdEF68V3Yc142bEmXOvXRG9uLDnh9BQsXsySgEw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 800E 3 KB
4 KB 176ms
47ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJVVdEF68V3Yc142bEmXOvXRG9uLDnh9BQsXsySgEw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2c42b0c73e798fe17937d9ff1bac40397b58eeb1fa17ef736a2a726637c90f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 20:52:37 GMT
x-content-type-options: nosniff
age: 5343
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3368
x-xss-protection: 0
server: fife
etag: "v82"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 23 Jan 2023 16:50:28 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/EDaFPnV2fxc/ Frame 800E 255 KB
256 KB 253ms
137ms Image
image/jpeg 2a00:1450:400d:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/EDaFPnV2fxc/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf11f7099b4fe3aa172603f8beda098c4bf2521841d432b01b986bbff59a227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261372
x-xss-protection: 0
server: sffe
etag: "1603360916"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 25 Jan 2023 00:21:40 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 800E 4 KB
2 KB 305ms
188ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:21:40 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 800E 90 B
134 B 50ms
50ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e344326df212ed6eb8d06155104ba8919dd81bfeafef52a3ddd186f6af7879a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
45ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 22:21:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H/1.1 404
Not Found error_204 Show response
trfnews.i234.me/ 3 KB
2 KB 151ms
151ms XHR
text/html 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL: http://trfnews.i234.me/error_204?a=logerror&t=jserror&type=SyntaxError&msg=Failed%20to%20execute%20%27postMessage%27%20on%20%27Window%27%3A%20Invalid%20target%20origin%20%27data%3A%27%20in%20a%20call%20to%20%27postMessage%27.&line=Not%20available&level=WARNING&client.name=1
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48

Request headers

X-YouTube-Ad-Signals: dt=1674598900467&flash=0&frm&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=1200&biw=1600&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image
X-YouTube-Utc-Offset: 0
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-YouTube-Time-Zone: Etc/Unknown
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 24 Jan 2023 22:21:40 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"6245516d-c8c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=20

POST
H/1.1 200
OK impression Show response
analytics.webpushr.com/notification_card/ 0
537 B 520ms
165ms Fetch
text/html 64.227.60.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/notification_card/impression
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://trfnews.i234.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK prompt Show response
analytics.webpushr.com/impression/ 0
537 B 520ms
168ms Fetch
text/html 64.227.60.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/prompt
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://trfnews.i234.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK prompt Show response
analytics.webpushr.com/impression/ 0
537 B 521ms
168ms Fetch
text/html 64.227.60.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/prompt
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://trfnews.i234.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://trfnews.i234.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
DATA 200
OK truncated
/ 643 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df28ecf929157156d9e444395da96bba8bec6319d1e88ea7241ee861bb1e76e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8hqV4Znppo.png
cdn.webpushr.com/siteassets/ 7 KB
7 KB 7ms
7ms Image
image/png 167.71.57.196
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.webpushr.com/siteassets/8hqV4Znppo.png
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.57.196 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5b148a623c3cc31ff6fb34db0280b42a375d9d1f6e00688f24c977aa5e73fe1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:40 GMT
last-modified: Sat, 10 Jul 2021 15:08:49 GMT
server: nginx/1.16.1
etag: "60e9b801-1cf6"
content-type: image/png
access-control-allow-origin: *
x-gg-cache-status: HIT
accept-ranges: bytes
content-length: 7414

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/ 358 KB
118 KB 226ms
110ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3868038712334580&plah=trfnews.i234.me

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4ee3aa96bb51d3e436bfdfd9ca669e6ccdea8e764c4a7f11e3084e1c7de9a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120415
x-xss-protection: 0
server: cafe
etag: 13879741174347446988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H/1.1 200
OK Obituary-Robert-G-Hodgson-of-Grand-Forks-North-Dakota-100x70.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 2 KB
2 KB 150ms
150ms Image
image/jpeg 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/Obituary-Robert-G-Hodgson-of-Grand-Forks-North-Dakota-100x70.jpg?v=1674598872
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: bd7b3add38bb9fd373baa4bb0af241358ddb8fae784a3b84a5167393cd8561c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:40 GMT
Last-Modified: Tue, 24 Jan 2023 22:21:16 GMT
Server: nginx
ETag: "78d-5f309ef277175"
Vary: User-Agent
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1933

GET
H/1.1 200
OK Obituary-Robert-G-Hodgson-of-Grand-Forks-North-Dakota-150x150.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 4 KB
4 KB 150ms
149ms Image
image/jpeg 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/Obituary-Robert-G-Hodgson-of-Grand-Forks-North-Dakota-150x150.jpg?v=1674598872
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 9234285a8a1053c4cd3482bfa064b7906b1e13d11ddb9d3fe88b3127a111e13d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Last-Modified: Tue, 24 Jan 2023 22:21:16 GMT
Server: nginx
ETag: "10e6-5f309ef27e6a4"
Vary: User-Agent
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4326

GET
H/1.1 200
OK Obituary-Timothy-Keezer-Sr-of-Waubun-Minnesota-100x70.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 3 KB
3 KB 150ms
150ms Image
image/jpeg 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/Obituary-Timothy-Keezer-Sr-of-Waubun-Minnesota-100x70.jpg?v=1674597046
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: a13486e2ac94d1a7a1873b3b6aa98899e1fd389cdb1bbc311d724bd342591c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Last-Modified: Tue, 24 Jan 2023 21:50:49 GMT
Server: nginx
ETag: "a6e-5f309824403be"
Vary: User-Agent
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2670

GET
H/1.1 200
OK Obituary-Timothy-Keezer-Sr-of-Waubun-Minnesota-150x150.jpg
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 5 KB
6 KB 148ms
148ms Image
image/jpeg 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/Obituary-Timothy-Keezer-Sr-of-Waubun-Minnesota-150x150.jpg?v=1674597046
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: de2f54001158d578e36c426f076c1862cae52387d89919355a0176588d76e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Last-Modified: Tue, 24 Jan 2023 21:50:49 GMT
Server: nginx
ETag: "153d-5f30982447cd5"
Vary: User-Agent
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 5437

GET
H/1.1 200
OK POliceLightsGettyImages-1185364093-1-100x70.webp
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 2 KB
2 KB 148ms
148ms Image
image/webp 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/POliceLightsGettyImages-1185364093-1-100x70.webp
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: def0ba870ea4112a81d270fea44a1fe31df45ad236f250e6885fe1f5959d3677

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Last-Modified: Fri, 20 Jan 2023 13:50:56 GMT
Server: nginx
ETag: "89c-5f2b256b4fc70"
Vary: User-Agent
Content-Type: image/webp
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2204

GET
H/1.1 200
OK POliceLightsGettyImages-1185364093-1-150x150.webp
trfnews.i234.me/wordpress/wp-content/uploads/2023/01/ 4 KB
5 KB 150ms
149ms Image
image/webp 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-content/uploads/2023/01/POliceLightsGettyImages-1185364093-1-150x150.webp
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: cdc849dd3dde7b6f7a8a1c2e55d274ac159a5af5779f6fe4e1cabf7d8e22bb7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:41 GMT
Last-Modified: Fri, 20 Jan 2023 13:50:49 GMT
Server: nginx
ETag: "1126-5f2b25650480d"
Vary: User-Agent
Content-Type: image/webp
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4390

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
693 B 131ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=trfnews.i234.me&callback=_gfp_s_&client=ca-pub-3868038712334580

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3868038712334580&plah=trfnews.i234.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92efad0e503b8c3761698b954821b25efdc1766c3d2a458635c3364a268cf31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 146ms
48ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 192ms
69ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4735 436 B
236 B 235ms
235ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=208453893&adf=1183505835&pi=t.ma~as.6622280029&w=728&lmt=1674598901&format=728x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900893&bpp=4&bdt=2092&idt=389&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&correlator=4505641949155&frm=20&pv=2&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=606&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GDlTzrwOWN&p=http%3A//trfnews.i234.me&dtd=416

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70ca90a901133a24c9c5f2f429f5d34cc552ac20ed424d7210e27c1564965add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 191ms
92ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230119&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa21058838cf29cef6b61d920b6716f96a897f4589258f7aacebcac73ce66520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10924
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
112 B 82ms
81ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&tn=WEBPUSHRPROMPTCONATINER&cls=Slide-in&ign=false&pw=1600&ph=1200&x=800&y=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96FD 24 KB
5 KB 362ms
361ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&adk=1812271804&adf=3025194257&lmt=1674598901&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x675_l%7C236x675_r&format=0x0&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&ea=0&pra=7&wgl=1&dt=1674598900897&bpp=3&bdt=2096&idt=421&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=434

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4017bf9c1c74f26076eb47a406f0e72b6d923cd50613a741a11522e0264a1a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5518
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 556B 436 B
235 B 250ms
250ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=297702279&adf=196230953&pi=t.ma~as.6622280029&w=468&lmt=1674598901&format=468x60&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900900&bpp=1&bdt=2099&idt=434&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=380&ady=1086&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=5bb6LphXFf&p=http%3A//trfnews.i234.me&dtd=437

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c3fff40df7bfb6b02a58a0485d19cacc36de6642f9dc762283cb3960cd7d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC64 436 B
235 B 239ms
238ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=60&slotname=6622280029&adk=297702279&adf=3484958483&pi=t.ma~as.6622280029&w=468&lmt=1674598901&format=468x60&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900901&bpp=1&bdt=2100&idt=440&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=380&ady=1271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=oR8pdkdEMN&p=http%3A//trfnews.i234.me&dtd=443

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4efd8a47be611448c28bf806c11d8f91c5b029fa79b2e0515de90f93f836877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D389 436 B
237 B 213ms
212ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&slotname=6622280029&adk=2208689566&adf=3262530445&pi=t.ma~as.6622280029&w=300&lmt=1674598901&format=300x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900902&bpp=1&bdt=2101&idt=443&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1022&ady=523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=aOvolXzvJS&p=http%3A//trfnews.i234.me&dtd=446

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

321f5a485fcdd4cca1621efc778daf0b941251999015fe7c26cad381a0f8001b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55CB 436 B
236 B 242ms
242ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&slotname=6622280029&adk=899296659&adf=2614346290&pi=t.ma~as.6622280029&w=728&lmt=1674598901&format=728x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&wgl=1&dt=1674598900903&bpp=1&bdt=2102&idt=450&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250&nras=1&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=2346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=sysS1vT2tO&p=http%3A//trfnews.i234.me&dtd=453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41e1dcd4cbb2dc570ab63c68231c973f457e0c63e74bdc3c240bcb195324aacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 283ms
166ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 69ms
69ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=trfnews.i234.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BCF2 31 KB
12 KB 260ms
259ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&adk=4246380789&adf=2745757192&pi=t.aa~a.1673028110~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=324x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=2&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=TCEMjJG82W&p=http%3A//trfnews.i234.me&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

254612bfc015f7c90eead4873544ebccc247930bdfb26b3afd7e7c81d4347496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12435
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 522A 32 KB
13 KB 216ms
215ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7850f6ef454c88c54716856c6d086544df9d08394005e4b6e30e09ef59b44de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C2C 31 KB
12 KB 254ms
254ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=2743202993&adf=3116027668&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2937&idt=0&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250%2C1200x90&nras=4&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=62rr2AaK1P&p=http%3A//trfnews.i234.me&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91e9dbff9d2cefcd09994a4b01cd2294afc42afafbb2f9140251e14e52d68f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12568
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 18F3 13 KB
5 KB 49ms
47ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 87364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 22:05:37 GMT
expires: Tue, 23 Jan 2024 22:05:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EC29 783 B
963 B 47ms
46ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cf4a9a630b1f404414192b490ebe257391be12203632b6528a48388b000794c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MRn_Y41aO5sxWwY2ohySJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MRn_Y41aO5sxWwY2ohySJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Tue, 24 Jan 2023 22:21:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC29 0
0 80ms
80ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230119&jk=3280575369490976&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 18F3 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 368C 0
0 86ms
84ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdEG19VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSVAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTM5GjH9HTRh1MzJkgeaTmJbT8x6fXEBNY5zvp20j1Pg2_Mj9OnZOABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=-AbbmL-a2qw&uach_m=[UACH]&cid=CAQSKQDUE5ymFmtJ21n6XLX3hiFsXN-K1xCp7gQrbrzgt1CMstZXLL626-8pGAEgEw&tpd=AGWhJmv1vjClyqHDOGojsJZAg66l7x-Xp4AfpZ--iEFf4izSvuUJJc7nEMUHdFPvlUQ-i2IT9CYhQaDL6JNgvSGhSix-OTYbHq19ZkesQe2Hh7MEf3d2MasTQO5rivkrGrMYC_KIG664P9cahQRuGu_sGWyqyIMUZQasxQClgFHHGKjxtu9jglcpm55sVuw4O---2LPmvMSdLg47DMguB7o6hPSXiQE4mjU_hiPF5TvshZmgv8CnSfVpM7VrR6YS7UaAyuZ5osXVA_MNhiHD6FXGAGDKHYjHpJ6PtFTzJtAii4MT0TAmrnEKZUpetqtBGdjIL8kwzvN4NrNrxDBWWlc_qmDKu9oOOUYXQsHIfkG_B8LgD0dtWniydAD12vCQvM5w0vmukG-zGJaZ8o0h22DN29o7fYgFreBUZFrxcOVqD0WiElRvz3Mf9IzaS-WSNtE02PLZUY7FuL-fUCrmGCbsPshMQ5dlw1masanLvTXci8xFSMHleammVGFLHbs9-MB6B9lccEzSrjL_NFWHTmZXbXzdVIAbd7CEyBPsC4jvzYNx8BLHLn0drHTsNCuvmDVCYR7axIw51eI55x0v5kFkbe0FZmfGDYWJv5BdKVJ9S-RtFDOzXsi-WqI4Ijtj9afLXp7Pj2BVrZHgK-ZgoujdsAWh3HSTvES6yUUrIGbPfnN1pNpvW49MbL0HJRUeXRGdnGMOggT_v_D_VxrmVtz6ajWcYfi0wAXM9oEjHkvWn6uO0GEJZcPNMXU4k30LRYYPncfqXExrKy64G53-sd4TTYy6wIV0darlfvKEoLHH9kFomLKSq7NGSBLfLrp2bc0ZjKE0zgwmUB6dqCLSbLM_CxwlJBw1U0fMESjdYLVUv3HMhNcUGZx2ZByUd9REWtC6N8YFVTxVBkHg1thRY03PuSWVaN08WZIdKq-ldZuAI_puB80r__Oz8_VBdTlsXTgZarD08O0NFNhRpNbIV_5r-wLBYyu_IbXHZ91-YMkbXz-X2KTmBrp2mPEX2TstmdXevJMxVNnyc7OEh7AWElmkDYpFiH_nUqPHqlBrbRlJcyGecm8WCYxiXysz-qxuoYkQC3jFIMoIAmVnhqsZWK22QIRs9yllVmdEfSlSAprrcwe6uzgQ

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 22:21:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 368C 3 KB
2 KB 109ms
46ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmprek5UYzFZemt0T0dZeE1DMDJZV1kwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODI0NzkxMzcyNDEzNjYzMTUvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3Q29EZ3pia0lSVzg5QkZ6Q1NaRmVfOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgyNDc5MTM3MjQxMzY2MzE1L2Ftcy8wLzQ1OC85Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3NDU5ODkwMS8xNjc0NjExNTAxLzQvcHViLTM4NjgwMzg3MTIzMzQ1ODAv/eDUzOPiwCEP8K_NQVHKwrpZEaCs&nodeid=3303&group=cdg&auctionid=6382479137241366315&pbs_auctionid=6382479137241366315&shardkey=6382479137241366315&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%26client%3Dca-pub-3868038712334580%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.377.0 /
Resource Hash: 3eec981ffd48c2613406a197ab0285deb4f88b48ad3f975461720ce061a5cd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
x-mm-nodeid: 3303
Content-Encoding: gzip
x-mm-bid-request-time: 1674598901
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Tue, 24 Jan 2023 22:21:41 GMT
Server: MMBD/3.377.0
x-mm-latency: 33 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x22, cdg-bidder-x62
x-mm-lag: 1
Expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame 368C 3 KB
1 KB 49ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 20:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 20:34:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame 368C 18 KB
7 KB 50ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 18:00:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 368C 0
0 48ms
46ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5mbJogddXip8RozHvhsAmGVszdJcJQ67uP2w31-t34_utW7Eq5fvDsLwJuZYyCMqxVWQLK4QYdYcq6nscEX3dJmnRWg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 368C 156 KB
48 KB 309ms
191ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:21:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B0AB 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvVgd9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoElQJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmCj13CFnyW78cAwqCyJCEwTnVfOFMgBfa0h9qY1PQ_4O0SGGJt3QgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NjgwMzg3MTIzMzQ1ODAYAA&sigh=8TpcOLfUEVw&uach_m=[UACH]&cid=CAQSKQDUE5ym4dnNa5BuQ6FWRQESuwNVIuGSJ28cGnTo3LPdvX_tFQmkRuKAGAEgEw

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&adk=4246380789&adf=2745757192&pi=t.aa~a.1673028110~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=324x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=2&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=TCEMjJG82W&p=http%3A//trfnews.i234.me&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 22:21:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B0AB 0
0 62ms
22ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jb8ke7fraxvstqqh53gv875pp2vhm9fx4c13p7b1zfvbkp27ywhpdy6kap7nb6v05mey2pzxwqhb1rwma46sayjbnfg5q6sdrs01hqcmezxx0pvzmh9t89059dwmjybn1s7h4n6h01yc6eksddwgdzzx8714rde4e3b7vpr8a14fe753nwdyya63qt535vga51kp7tpg83q7gp3ymnfyd88afz33fj47gywmms811mvv6gt678gnc40rggzds9jmraptjgxyvj3b6z2qyx0zfzq9dcqtspvwrtkea64ba9f21n8he5ayv0fk2x1e46mjh7wkx1s8jff901xywkbwmjswtsx51ksva7sdmnv7dnwfhcp1397jmvj8834d09rkgfbt1psmw&b=Y9BZ9QAL-pMCHkXsAAg3cgV_p55C0LDA2NjODQ
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame CBEB 2 KB
1 KB 72ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g1h6m3q9haac9e57z4kxajjf6smfzg7cw0d0apza7q3g2xmw5md2fs9ns3tr1h4y5eptsgs4bz52s696jc8r1bapwa13mtf94ec9bjwh5cjx5rm3j4xmc2bfbn4nj5gdgg58jfz9kpj132kq88bcar3ts1cs3m0094w8hmeqbd3bxf0y3stg5dz9fv1ezc3dtk4csxvnq8atj4k6mera54r42ey6cz57eaj8paawmjs0bryxpk0x5t5fjx0abvj7301p8e0wbywz5ggrchxmzftdp5063tje02vh7q5ef05sqjg11kz0rehq6ax5wy3gfhd458t97z34swk2k3spvvw7jm4604e3nw8v9wmdj89fscdksx5wk5pcwv4ewgfzk92nn6gmth5d8nm4kzzbt3fp6pe3zbq9sm6mstj4xqxf0f1ac2de&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%26client%3Dca-pub-3868038712334580%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&adk=4246380789&adf=2745757192&pi=t.aa~a.1673028110~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=324x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=2&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=TCEMjJG82W&p=http%3A//trfnews.i234.me&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d10295dc8a8f7eab2e6ed6db028ac94f02edff9a800aa4ce171224283f49220

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78ec29e1ee1a9b8c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame B0AB 3 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 20:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 20:34:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 294B 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 07:57:21 GMT
etag: 48472445140208031
expires: Wed, 25 Jan 2023 07:57:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame B0AB 18 KB
7 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 18:00:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B0AB 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRv_DdWqo6L_RLIM_PmKN7beJRHRl9FW85Fu6Jsp3AoQzAEGP7hSO6boVLpMkCm58gtOvVHwGsEKJHAkRktLgSN14PzTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&adk=4246380789&adf=2745757192&pi=t.aa~a.1673028110~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=324x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=2&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=TCEMjJG82W&p=http%3A//trfnews.i234.me&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0AB 156 KB
48 KB 297ms
201ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:21:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC18 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyILC9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJUCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32F0Ay4oz5iTItYNiIcL7P40OOpW_P4Cz85IImXsQUH9fr5Mi2yH6oAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzg2ODAzODcxMjMzNDU4MBgA&sigh=Uq7jOL_74H8&uach_m=[UACH]&cid=CAQSKQDUE5yme5atLiDvTAXKwvhBw9R2iXSGsw4acwdxzcbe2br69dIXLeo_GAEgEw

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=2743202993&adf=3116027668&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2937&idt=0&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250%2C1200x90&nras=4&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=62rr2AaK1P&p=http%3A//trfnews.i234.me&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 22:21:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EC18 0
0 44ms
23ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j6by1v5qmya6v76wxf24k99q3fxpy02vke9fwawras4tw8rert4wbqhwndgxejxg3yrk1cc3at6fdtegyk23z3qtwxk162qkfa64ayeznjbm8csr89w24q0p1gjmy9wb4ccawjbgby2nj24gtka6bxkqmq4atz6bpz4vc8y7rw35wmx1x9bkmp1ypwq9ge1qavvsexhsrfx9z9ysdkd6gjrgfs70d9e885772vv8wxm2ewx0j8knbd0zb2fxmtgvk0e6bnq0a0mjgm36awszs4rwghptbyme10vmm1msbh1d31fpzbnk7teech3z6peqevm2h0xtzz1zt30az5wnqnzsjsyds0shbhqxqh3y5gdvbhd596mgakt1r1t0etsyqd0tzhtqnnn1jg&b=Y9BZ9QAMUxEKGSgPAASatFw8qqyaOnBBFy5zCA
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 8402 2 KB
3 KB 48ms
29ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gt9zqt9v3jg75hsrdypvh0ks02g2f64dh7q4evp9f31tpr1yv84veeqfg9pswn9hf8qpzskyxjvhdx9djvf8frrj530j9zkxpgb22pe8bjc2g6kmc41m86tatsd15gnnhmzdxwa0h5cvzwr0tzv9rb8893hg5b3m86yr4jymg7k54jh06vtw51xzwxntnhs4zd9bvvcp9ff4v2ky4t6z775rm3kdn77nyby9rbw03q4qttc04tv3v0geb3phhxjgyktg07efdpnq6bgtf9wrqfy64h34tqw7fqm62ayfta2sdwxvw39j812nqvfjr258g1ngz3ajdjdznr05hqnygav338v3r6gxavcgpcv4wtzptectwntm3fy52hjeqdcsvdfagyfazyj2mt8v9mfxh26g9c5vcyyxe1ma8c3q1q04k0kgb1bdpwzaecb6n3ktankvajc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%26client%3Dca-pub-3868038712334580%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=2743202993&adf=3116027668&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2937&idt=0&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250%2C1200x90&nras=4&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=62rr2AaK1P&p=http%3A//trfnews.i234.me&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c58fdf5d233976a01b73dc8204e3ef2c2481e6d54b61709a7bc6017a67af31d2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78ec29e1ee1e9b8c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame EC18 3 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 20:34:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 20:34:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 14AE 1 KB
643 B 48ms
47ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 07:57:21 GMT
etag: 48472445140208031
expires: Wed, 25 Jan 2023 07:57:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame EC18 18 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 18:00:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EC18 0
0 47ms
46ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhVuE7OHJ7HUpKpEnBXCJ9s-tsV_PeZYlaRZ_1ptmpqXRw6E-MAfEUdBMLZqV8X2EHBZydh14U2lpognEvcEPLZN9Zug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=2743202993&adf=3116027668&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2937&idt=0&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250%2C1200x90&nras=4&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=62rr2AaK1P&p=http%3A//trfnews.i234.me&dtd=30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC18 156 KB
48 KB 333ms
255ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:21:42 GMT

GET
DATA 200
OK truncated
/ Frame B0AB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f72f07d7841b6e4cc7a3e92d841e71ce1a97098014c6066489c81337d7b4b0cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 294B 0
104 B 127ms
27ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE120_zBzzfmsorEOib9wSI&google_cver=1&google_push=Aa02lx8hxhEesxqMQuiVEcZlhHBx2W8HLF5AhX78nwrBsY0_BQ5OwObw06EuI2ZdgygOyhB4HV5c_y6wBJ8YUQ4OBUtR-P1QCuvt6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=250&adk=4246380789&adf=2745757192&pi=t.aa~a.1673028110~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=324x250&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=2&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90&nras=2&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=TCEMjJG82W&p=http%3A//trfnews.i234.me&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 294B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGj1bmP117XwRjRazjrsVS4&google_cver=1&google_push=Aa02lx-w-6bOXEkGTrz8UnlnEQv1JGuu6BYDaGJ60neOigt1Zrp1HxJsUba0KP79DQxodCMnN_-Dtk_U7KP_hHeh...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-w-6bOXEkGTrz8UnlnEQv1JGuu6BYDaGJ60neOigt1Zrp1HxJsUba0KP79DQxodCMnN_-Dtk_U7KP_hHehSvpWS7gnHqYdWg

170 B
232 B

71ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-w-6bOXEkGTrz8UnlnEQv1JGuu6BYDaGJ60neOigt1Zrp1HxJsUba0KP79DQxodCMnN_-Dtk_U7KP_hHehSvpWS7gnHqYdWg

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Server: MT3 357 2feb0b5 master cdg-pixel-x26 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-w-6bOXEkGTrz8UnlnEQv1JGuu6BYDaGJ60neOigt1Zrp1HxJsUba0KP79DQxodCMnN_-Dtk_U7KP_hHehSvpWS7gnHqYdWg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 294B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEN4ADrLA7cTsD0bI99hXXAc&google_cver=1&google_push=Aa02lx8ZkC95YR4Z02PI5hfIkmfm3ZT4tZe3LH2F25QaYcd6OheCL1YPjJ8pMvwr_CcViikk7NKno8kxW0gAgoKI7J7oJB9oGMyH-g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B074A76C45A4E14BB69B84FA05490DB&google_push=Aa02lx8ZkC95YR4Z02PI5hfIkmfm3ZT4tZe3LH2F25QaYcd6OheCL1YPjJ8pMvwr_CcViikk7NKno8kxW0gAgoK...

170 B
232 B

137ms
79ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B074A76C45A4E14BB69B84FA05490DB&google_push=Aa02lx8ZkC95YR4Z02PI5hfIkmfm3ZT4tZe3LH2F25QaYcd6OheCL1YPjJ8pMvwr_CcViikk7NKno8kxW0gAgoKI7J7oJB9oGMyH-g

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 22:21:42 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8B074A76C45A4E14BB69B84FA05490DB&google_push=Aa02lx8ZkC95YR4Z02PI5hfIkmfm3ZT4tZe3LH2F25QaYcd6OheCL1YPjJ8pMvwr_CcViikk7NKno8kxW0gAgoKI7J7oJB9oGMyH-g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 23 Jan 2023 22:21:42 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 294B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHQpq_gHvPflJ50gzNBvz1s&google_cver=1&google_push=Aa02lx8zHmy0uxksZ5ITysVmBYzsL1FuhaBMlcHOObF4dubiKe5UhB-nPddSmM_UpWQVS56QmfdHgZahQ1f...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8zHmy0uxksZ5ITysVmBYzsL1FuhaBMlcHOObF4dubiKe5UhB-nPddSmM_UpWQVS56QmfdHgZahQ1fIpuXigbdWYT0rCGChPw&google_hm=wOZRIGcYQgetWnN4RX...

170 B
232 B

126ms
77ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8zHmy0uxksZ5ITysVmBYzsL1FuhaBMlcHOObF4dubiKe5UhB-nPddSmM_UpWQVS56QmfdHgZahQ1fIpuXigbdWYT0rCGChPw&google_hm=wOZRIGcYQgetWnN4RXYcqaQ

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8zHmy0uxksZ5ITysVmBYzsL1FuhaBMlcHOObF4dubiKe5UhB-nPddSmM_UpWQVS56QmfdHgZahQ1fIpuXigbdWYT0rCGChPw&google_hm=wOZRIGcYQgetWnN4RXYcqaQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 294B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPE8XU5x_KR3BMTcKw9P4gU&google_cver=1&google_push=Aa02lx_8qZ4m6XE5OISQZY1EaB5F96Lu4ZGS18Ogk5iqU4EiU-D0KC94fycsun_06mp7dTV1_fO3igu-GHd1ngmJe3HAPcs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_8qZ4m6XE5OISQZY1EaB5F96Lu4ZGS18Ogk5iqU4EiU-D0KC94fycsun_06mp7dTV1_fO3igu-GHd1ngmJe3HAPcsRQXAa1w&google_hm=eS1DU3NLdnNCRTJwRkdX...

170 B
329 B

86ms
72ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_8qZ4m6XE5OISQZY1EaB5F96Lu4ZGS18Ogk5iqU4EiU-D0KC94fycsun_06mp7dTV1_fO3igu-GHd1ngmJe3HAPcsRQXAa1w&google_hm=eS1DU3NLdnNCRTJwRkdXMEc2YnRIV3NPdDg4SXV1T1hSLn5B

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 22:21:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_8qZ4m6XE5OISQZY1EaB5F96Lu4ZGS18Ogk5iqU4EiU-D0KC94fycsun_06mp7dTV1_fO3igu-GHd1ngmJe3HAPcsRQXAa1w&google_hm=eS1DU3NLdnNCRTJwRkdXMEc2YnRIV3NPdDg4SXV1T1hSLn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 294B
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHzovpFmKnHupaHx6pQmHL0&google_cver=1&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJy...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHzovpFmKnHupaHx6pQmHL0&google_cver=1&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJy...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJyEkwEyw31rIC&google_hm=GCsdsGZHK5QPgfk7SOGuA8_Z

170 B
232 B

166ms
119ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJyEkwEyw31rIC&google_hm=GCsdsGZHK5QPgfk7SOGuA8_Z

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-TnO3D2wTPam6OJP2AlJGG_QHvNvjaHMvqrdCVposVpWO6rllOsUhGz4PjRIrdm1mAU2MOEPtfSjQUGhOJyEkwEyw31rIC&google_hm=GCsdsGZHK5QPgfk7SOGuA8_Z
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 294B
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEL16rL92P...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEL1...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

71ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%
date: Tue, 24 Jan 2023 22:21:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 294B 0
232 B 196ms
68ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIZbWcWKsSmBfyGKvyU8D0uYITZj3Fn2q50F7Kdilg9FKJCp2DEUiapE0_fERQZpB2_dfBiQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 8402 90 KB
11 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gt9zqt9v3jg75hsrdypvh0ks02g2f64dh7q4evp9f31tpr1yv84veeqfg9pswn9hf8qpzskyxjvhdx9djvf8frrj530j9zkxpgb22pe8bjc2g6kmc41m86tatsd15gnnhmzdxwa0h5cvzwr0tzv9rb8893hg5b3m86yr4jymg7k54jh06vtw51xzwxntnhs4zd9bvvcp9ff4v2ky4t6z775rm3kdn77nyby9rbw03q4qttc04tv3v0geb3phhxjgyktg07efdpnq6bgtf9wrqfy64h34tqw7fqm62ayfta2sdwxvw39j812nqvfjr258g1ngz3ajdjdznr05hqnygav338v3r6gxavcgpcv4wtzptectwntm3fy52hjeqdcsvdfagyfazyj2mt8v9mfxh26g9c5vcyyxe1ma8c3q1q04k0kgb1bdpwzaecb6n3ktankvajc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gt9zqt9v3jg75hsrdypvh0ks02g2f64dh7q4evp9f31tpr1yv84veeqfg9pswn9hf8qpzskyxjvhdx9djvf8frrj530j9zkxpgb22pe8bjc2g6kmc41m86tatsd15gnnhmzdxwa0h5cvzwr0tzv9rb8893hg5b3m86yr4jymg7k54jh06vtw51xzwxntnhs4zd9bvvcp9ff4v2ky4t6z775rm3kdn77nyby9rbw03q4qttc04tv3v0geb3phhxjgyktg07efdpnq6bgtf9wrqfy64h34tqw7fqm62ayfta2sdwxvw39j812nqvfjr258g1ngz3ajdjdznr05hqnygav338v3r6gxavcgpcv4wtzptectwntm3fy52hjeqdcsvdfagyfazyj2mt8v9mfxh26g9c5vcyyxe1ma8c3q1q04k0kgb1bdpwzaecb6n3ktankvajc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%26client%3Dca-pub-3868038712334580%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 544055
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUcVos19RyoBs44HxmIITfpoMLXGU45Zj1d7qrtxrSyGGZi1dXionqkynQ3AhH8ITMbMU%2BFO6VxHom48ecoC9ZA5c6GRjd6blzyBAdqJNeVBQuM20bjA64pu3%2FHEAQelbA7NiPDrXU8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78ec29e22e7e9b8c-FRA
expires: Tue, 24 Jan 2023 23:21:42 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 8402 35 KB
12 KB 35ms
21ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gt9zqt9v3jg75hsrdypvh0ks02g2f64dh7q4evp9f31tpr1yv84veeqfg9pswn9hf8qpzskyxjvhdx9djvf8frrj530j9zkxpgb22pe8bjc2g6kmc41m86tatsd15gnnhmzdxwa0h5cvzwr0tzv9rb8893hg5b3m86yr4jymg7k54jh06vtw51xzwxntnhs4zd9bvvcp9ff4v2ky4t6z775rm3kdn77nyby9rbw03q4qttc04tv3v0geb3phhxjgyktg07efdpnq6bgtf9wrqfy64h34tqw7fqm62ayfta2sdwxvw39j812nqvfjr258g1ngz3ajdjdznr05hqnygav338v3r6gxavcgpcv4wtzptectwntm3fy52hjeqdcsvdfagyfazyj2mt8v9mfxh26g9c5vcyyxe1ma8c3q1q04k0kgb1bdpwzaecb6n3ktankvajc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26241
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv29%2FCT9DXd4LU%2FC6RqNwoRNnHnEiSANmbYjQDUPH5yRZWfCNsXxfgQeVYZNxqgOkIpqZksaSnXQ3p6VsmJ30ziOSIUuovnV8cwRzAdWw0nvfvPQdFG7kz02wZ2jla2fGF1xLMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78ec29e23e999b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 24 Jan 2023 15:04:21 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame CBEB 90 KB
11 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g1h6m3q9haac9e57z4kxajjf6smfzg7cw0d0apza7q3g2xmw5md2fs9ns3tr1h4y5eptsgs4bz52s696jc8r1bapwa13mtf94ec9bjwh5cjx5rm3j4xmc2bfbn4nj5gdgg58jfz9kpj132kq88bcar3ts1cs3m0094w8hmeqbd3bxf0y3stg5dz9fv1ezc3dtk4csxvnq8atj4k6mera54r42ey6cz57eaj8paawmjs0bryxpk0x5t5fjx0abvj7301p8e0wbywz5ggrchxmzftdp5063tje02vh7q5ef05sqjg11kz0rehq6ax5wy3gfhd458t97z34swk2k3spvvw7jm4604e3nw8v9wmdj89fscdksx5wk5pcwv4ewgfzk92nn6gmth5d8nm4kzzbt3fp6pe3zbq9sm6mstj4xqxf0f1ac2de&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g1h6m3q9haac9e57z4kxajjf6smfzg7cw0d0apza7q3g2xmw5md2fs9ns3tr1h4y5eptsgs4bz52s696jc8r1bapwa13mtf94ec9bjwh5cjx5rm3j4xmc2bfbn4nj5gdgg58jfz9kpj132kq88bcar3ts1cs3m0094w8hmeqbd3bxf0y3stg5dz9fv1ezc3dtk4csxvnq8atj4k6mera54r42ey6cz57eaj8paawmjs0bryxpk0x5t5fjx0abvj7301p8e0wbywz5ggrchxmzftdp5063tje02vh7q5ef05sqjg11kz0rehq6ax5wy3gfhd458t97z34swk2k3spvvw7jm4604e3nw8v9wmdj89fscdksx5wk5pcwv4ewgfzk92nn6gmth5d8nm4kzzbt3fp6pe3zbq9sm6mstj4xqxf0f1ac2de&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%26client%3Dca-pub-3868038712334580%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 544055
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKYHWA%2FGwQyg9DJXVvMGIPDI%2FRN9qtUMG6mnYgag5EICT4MK7sZ0kxnprxPcCna63fP0ZmFujx4SD8h3YCldSt%2FbFhuEk2%2FKIcY%2FHf1r1TYbyd7wR7IQXe1xSlUjR7UJj%2BmQXlAzeeo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78ec29e23e949b8c-FRA
expires: Tue, 24 Jan 2023 23:21:42 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame CBEB 35 KB
12 KB 22ms
19ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g1h6m3q9haac9e57z4kxajjf6smfzg7cw0d0apza7q3g2xmw5md2fs9ns3tr1h4y5eptsgs4bz52s696jc8r1bapwa13mtf94ec9bjwh5cjx5rm3j4xmc2bfbn4nj5gdgg58jfz9kpj132kq88bcar3ts1cs3m0094w8hmeqbd3bxf0y3stg5dz9fv1ezc3dtk4csxvnq8atj4k6mera54r42ey6cz57eaj8paawmjs0bryxpk0x5t5fjx0abvj7301p8e0wbywz5ggrchxmzftdp5063tje02vh7q5ef05sqjg11kz0rehq6ax5wy3gfhd458t97z34swk2k3spvvw7jm4604e3nw8v9wmdj89fscdksx5wk5pcwv4ewgfzk92nn6gmth5d8nm4kzzbt3fp6pe3zbq9sm6mstj4xqxf0f1ac2de&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 26241
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqpxflUSkLAgcWqWK9WM3MdvbaIFw%2F791C26nJ%2FwH8ECBYe7%2Fkk%2Bw402b5iTtwNkI2dArqeY4B%2BNFudYYK7%2BmnK6JM6%2BNgzfNx7mlgbMmuAo%2FzBy5jpTI8Ww%2BJrozORqeg%2B%2B9iM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78ec29e23e9b9b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 24 Jan 2023 15:04:21 GMT

GET
DATA 200
OK truncated
/ Frame EC18 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76f02cfc2800bf05f671d7f8e615fca26fb06efe8c5ba704c94a83605f11a3df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 14AE
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1&google_push=Aa02lx_7bsyrtoOTTGNfaszfxZwKnNKYNiLmzlnlx_1WKFV8ooc_YUlVEQ0gjipL7vWMIq3uRV8asQ4x83j9uRHyBvHK6Yb0s3PnABfi
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYwMTA5OTUyMjUwMzkyMDA4OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1

43 B
398 B

55ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=2743202993&adf=3116027668&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2937&idt=0&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250%2C1200x90&nras=4&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=62rr2AaK1P&p=http%3A//trfnews.i234.me&dtd=30
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14AE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjQxUWVyamsxUGtyRkk1&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cver=1&google_push=Aa02lx_oeWwNLEwfOurl24Vn39WW6bQdKC1HvWRSacHcvFh...

170 B
232 B

114ms
80ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjQxUWVyamsxUGtyRkk1&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cver=1&google_push=Aa02lx_oeWwNLEwfOurl24Vn39WW6bQdKC1HvWRSacHcvFhdun-K4JWWp8XcNlVqerji7tu4TDvjfNT8lZ-1kOy63CA1XhAOFpEFsgA

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Jan 2023 22:21:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-764-ga8a59a9#rel-ec2-master i-0b5568e2cf029cf4d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VjQxUWVyamsxUGtyRkk1&google_gid=CAESEOyFi7x7gjyyta4x4_RyMjU&google_cver=1&google_push=Aa02lx_oeWwNLEwfOurl24Vn39WW6bQdKC1HvWRSacHcvFhdun-K4JWWp8XcNlVqerji7tu4TDvjfNT8lZ-1kOy63CA1XhAOFpEFsgA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14AE
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENXHKDct4Kvuzor-HuqJz30&google_cver=1&google_push=Aa02lx-U2paRtY-00zEyhOQfjOpny9ywD0EkqTlVFscCpJMAIWVrFa-1xU-3MCyA5jGa8YgWgeA6Z_ecUIK...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-U2paRtY-00zEyhOQfjOpny9ywD0EkqTlVFscCpJMAIWVrFa-1xU-3MCyA5jGa8YgWgeA6Z_ecUIK0iv33a0u1fCb8HE6Hz49A&google_hm=PT73_110RJijwsH-...

170 B
232 B

166ms
117ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-U2paRtY-00zEyhOQfjOpny9ywD0EkqTlVFscCpJMAIWVrFa-1xU-3MCyA5jGa8YgWgeA6Z_ecUIK0iv33a0u1fCb8HE6Hz49A&google_hm=PT73_110RJijwsH-iVT3kKQ

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:41 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-U2paRtY-00zEyhOQfjOpny9ywD0EkqTlVFscCpJMAIWVrFa-1xU-3MCyA5jGa8YgWgeA6Z_ecUIK0iv33a0u1fCb8HE6Hz49A&google_hm=PT73_110RJijwsH-iVT3kKQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14AE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH_4KtgKouAXLeppTWWeuF8&google_cver=1&google_push=Aa02lx8_NccT6y2vJFc1Sbkd2a3poRV88Wp6yEpGi0FQUYDO_0lxhrW_8cOzhs3TPRAKuvyAl9gAUZK4ds-iRa...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MjM0NzUxODAxMjU1MzM2Mg%3D%3D&google_push=Aa02lx8_NccT6y2vJFc1Sbkd2a3poRV88Wp6yEpGi0FQUYDO_0lxhrW_8cOzhs3TPRAKuvyAl9gAUZK4ds-iRa_BJN...

170 B
232 B

131ms
74ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MjM0NzUxODAxMjU1MzM2Mg%3D%3D&google_push=Aa02lx8_NccT6y2vJFc1Sbkd2a3poRV88Wp6yEpGi0FQUYDO_0lxhrW_8cOzhs3TPRAKuvyAl9gAUZK4ds-iRa_BJN0EaTk84uwI4Z0

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MjM0NzUxODAxMjU1MzM2Mg%3D%3D&google_push=Aa02lx8_NccT6y2vJFc1Sbkd2a3poRV88Wp6yEpGi0FQUYDO_0lxhrW_8cOzhs3TPRAKuvyAl9gAUZK4ds-iRa_BJN0EaTk84uwI4Z0
Date: Tue, 24 Jan 2023 22:21:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14AE
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPQB7XA5p2EYHUKZl-5BA-Y&google_cver=1&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna0...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPQB7XA5p2EYHUKZl-5BA-Y&google_cver=1&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna0...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna09ktbgm688UO8tM&google_hm=GCsdsGZHSUnWlySARBK...

170 B
232 B

113ms
81ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna09ktbgm688UO8tM&google_hm=GCsdsGZHSUnWlySARBKS2qsD

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9DjSmYPe6p8BqOPhE3W7RhXVHHdxO-8xQ0OZ3nqsJEj464apsCEFj7fLtcYbkWAtUaiGE0JUl9LNTrrRna09ktbgm688UO8tM&google_hm=GCsdsGZHSUnWlySARBKS2qsD
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14AE
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-bd326787-3b17-4954-b481-d40961a6cb4d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-in-ZsodxzoFvRFOqa9...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps&google_hm=A70yZ4c7F0lUtIHUCWGmy00

170 B
232 B

78ms
78ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps&google_hm=A70yZ4c7F0lUtIHUCWGmy00

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-in-ZsodxzoFvRFOqa9eeb1CVNwEID3U73wbqBSjL5o-I7ShKGUv3DWDu47_zveAlSulxCYGjmoTDz9xGQDI6KLFhJZ2MrQps&google_hm=A70yZ4c7F0lUtIHUCWGmy00
date: Tue, 24 Jan 2023 22:21:42 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXbd3267873b174954b481d40961a6cb4d003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 14AE
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDWlbNm8e...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDW...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

72ms
72ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%
date: Tue, 24 Jan 2023 22:21:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 14AE 0
40 B 167ms
70ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTNj98MZLua8Kx0ubwj_-3AFJPLoFCSY-JxBNioOXDfLMQGOOTZh7s1lAR2mDY_JwfbGVIQw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame 368C 10 KB
4 KB 64ms
12ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=6382479137241366315&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: efe258977470a021feb73787f622053e758b9416fc30426e1578ebcb2022e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3428
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 368C 49 B
329 B 49ms
25ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6382479137241366315&node_id=3303&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmprek5UYzFZemt0T0dZeE1DMDJZV1kwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODI0NzkxMzcyNDEzNjYzMTUvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3Q29EZ3pia0lSVzg5QkZ6Q1NaRmVfOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgyNDc5MTM3MjQxMzY2MzE1L2Ftcy8wLzQ1OC85Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3NDU5ODkwMS8xNjc0NjExNTAxLzQvcHViLTM4NjgwMzg3MTIzMzQ1ODAv/eDUzOPiwCEP8K_NQVHKwrpZEaCs&nodeid=3303&group=cdg&auctionid=6382479137241366315&pbs_auctionid=6382479137241366315&shardkey=6382479137241366315&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.377.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Server: MMBD/3.377.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x72, cdg-bidder-x62
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 368C 43 B
404 B 140ms
96ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6382479137241366315&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmprek5UYzFZemt0T0dZeE1DMDJZV1kwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODI0NzkxMzcyNDEzNjYzMTUvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3Q29EZ3pia0lSVzg5QkZ6Q1NaRmVfOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgyNDc5MTM3MjQxMzY2MzE1L2Ftcy8wLzQ1OC85Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3NDU5ODkwMS8xNjc0NjExNTAxLzQvcHViLTM4NjgwMzg3MTIzMzQ1ODAv/eDUzOPiwCEP8K_NQVHKwrpZEaCs&nodeid=3303&group=cdg&auctionid=6382479137241366315&pbs_auctionid=6382479137241366315&shardkey=6382479137241366315&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 357 2feb0b5 master iad-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Server: MT3 357 2feb0b5 master iad-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 368C 49 B
329 B 61ms
33ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6382479137241366315&st=4562306&time=1674598902&nodeid=3303
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmprek5UYzFZemt0T0dZeE1DMDJZV1kwTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzODI0NzkxMzcyNDEzNjYzMTUvNjYyMjMzMi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3Q29EZ3pia0lSVzg5QkZ6Q1NaRmVfOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzgyNDc5MTM3MjQxMzY2MzE1L2Ftcy8wLzQ1OC85Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY3NDU5ODkwMS8xNjc0NjExNTAxLzQvcHViLTM4NjgwMzg3MTIzMzQ1ODAv/eDUzOPiwCEP8K_NQVHKwrpZEaCs&nodeid=3303&group=cdg&auctionid=6382479137241366315&pbs_auctionid=6382479137241366315&shardkey=6382479137241366315&sid=4562306&cid=6622332&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%26client%3Dca-pub-3868038712334580%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.377.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Server: MMBD/3.377.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x74, cdg-bidder-x62
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 24 Jan 2023 22:21:41 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CBEB 3 KB
3 KB 80ms
34ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31503184
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JauUtqUIAS8vzszS5ErTY4%2BExfP3Qu9NYf%2BTgRNZt5VSMBw9bPQx%2B%2FeKUyGm3DTIbmhb%2FvGdhITyVVKw89Kb83JusklckFfFaaCFz4hy7%2BX5oViZTj9khHx9LiCghj16ehBCvMV4h7GXqLpY%2BA4LS2YX"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78ec29e2bd0f900d-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8402 3 KB
4 KB 76ms
31ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31503184
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIEJDyCpnBkuFR0kWF9rI6ksPl9uDnG8FrGVwt2Gf5gC0wXlX%2BNU4H9GN30lSAYPAprGywNwceN7InbWC5K6TC7cUFlToDCZK7bLtecgAAM0ROtKAKXnXjlnGTfWJRTyER6mf1zbkfsA0nFkDOJq8cq%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78ec29e2bd10900d-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame AFEA 2 KB
1 KB 25ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2427387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78ec29e268b79196-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 22:21:42 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=speFbxYjPCF6oZtrcmrH2tLCI3Y6Zg6y1Vc1hxHajH%2BWTnFgFLB1nuW763cT3%2F40nXc7WaieEiKYc5E%2FUDvOGe9UkZ4Gi1P1BUG0KgQMyY3TuTmIBBJRmcOF0s4zqs12GEQIZlc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8EE9 2 KB
1 KB 25ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2427387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78ec29e278ba9196-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 22:21:42 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvsmcTtDJGvc2XSE13s0VYY1Nu6ZQRODeYXv00kKRiysBHiVO0FHJVHNS6cB9OqGQ6eOaCftatv%2B%2F0EN4UU8QlRu%2FyX8JDNeuyMMMWqNHfYhRH5asSgTqgcU1%2Bt91gXdfiZUatQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK request.php Show response
hal900014.redintelligence.net/ Frame 368C 3 KB
2 KB 127ms
76ms Script
application/x-javascript 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=fdfd9f947e&subid=&uid=31d28a14c7e204d6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3868038712334580%26output%3Dhtml%26h%3D90%26adk%3D3336119709%26adf%3D3347376195%26pi%3Dt.aa~a.307254967~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1674598901%26rafmt%3D1%26to%3Dqs%26pwprc%3D5217193664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Ftrfnews.i234.me%252Fwordpress%252Fbaudette-rainy-river-bridge-completed%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1674598901737%26bpp%3D1%26bdt%3D2936%26idt%3D-M%26shv%3Dr20230119%26mjsv%3Dm202301040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C468x60%252C468x60%252C300x250%252C728x90%252C324x250%26nras%3D3%26correlator%3D4505641949155%26frm%3D20%26pv%3D1%26ga_vid%3D1578566782.1674598900%26ga_sid%3D1674598901%26ga_hid%3D178886225%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D2264%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071789%252C44779793%26oid%3D2%26pvsid%3D3280575369490976%26tmod%3D890607478%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26cms%3D2%26fu%3D128%26bc%3D23%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3Dk8EZ5JGhhI%26p%3Dhttp%253A%2F%2Ftrfnews.i234.me%26dtd%3D27&ancestorOrigins=null&random=4693798749268&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=6382479137241366315&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 49093937bb58e61cc9ac204d6f117ac51508e1a8e8137c6ca4911dbe7fc54863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Jan 2023 22:21:42 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 75005700274460200951389012214014
Connection: close
Content-Length: 1093
Expires: Tue, 24 Jan 2023 22:21:42 +0100

POST
H3 200 rs Show response
ad4m.at/ Frame CBEB 2 KB
2 KB 61ms
60ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab9505497b8ef611e8350226ab8e4df93e022804638fb3de2f39da196097505

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M8XP56fs5Fbv9QuQ7TtQZcIZ74zhgCOcJOOqkR1697lOm%2Fq4gBiQJlnM8G0%2B9FJfKW2RNEo5PLbfcsn07ArgI4dNZICSpl1YrnxqB1EgWZyF90Zt5rkaffyrof4Lrz75ySC%2BW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78ec29e30ef49170-FRA
x-backend-server: aa-reachservice-group-europe-west1-8g4q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
35ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78ec29e2cea39170-FRA
content-length: 24
content-type: text/plain
date: Tue, 24 Jan 2023 22:21:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWphFK1XY3uo%2FCJOJ6ND7%2BROiCszVGWoEbOPvqUHIs4KEb86pzlWoE55ZR1wqwt5fthaapXe2FWqryoA6pSsIRoiy2kl6UcNJ%2Bp9xeRVvDfcF0tZazH9bbhf2EXiL7kOUUn6X1g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8g4q

POST
H3 200 rs Show response
ad4m.at/ Frame 8402 2 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77512224c7baf4973c04439d4b128f488208c723daa2fb0add832ecf7534fae

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9Q0mDt9oMY5gu6eiQaKbfvF3%2B3mjKfd%2FUKp%2FptsjzT4xWvq7%2FEr3ON8UECm7g2LcLS48tFxXfydkvn%2F4YnrrOUf%2BlNG62Dc9b%2FrImuUFxnWYQV4rKdFh9NHnd%2FHVstxiHECEsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78ec29e30ef59170-FRA
x-backend-server: aa-reachservice-group-europe-west1-8g4q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
35ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78ec29e2dea69170-FRA
content-length: 24
content-type: text/plain
date: Tue, 24 Jan 2023 22:21:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrHxVXsHnMfEBilgxXMEVv6DwcRjVaa6UxAKPLMNVMXP8bDr1iIjlIVj8M8PeKHtXkIDaC05kioWagsfhQ4SomuDXxXIohUBf61652ue715NEVB5SypgxyVstNc3hvmU8e2oDT0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8g4q

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 331F 9 KB
4 KB 43ms
39ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8021c194c9424612aa8254b92718120bd40c63700bdc6bb81e6666015a81d8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gt9zqt9v3jg75hsrdypvh0ks02g2f64dh7q4evp9f31tpr1yv84veeqfg9pswn9hf8qpzskyxjvhdx9djvf8frrj530j9zkxpgb22pe8bjc2g6kmc41m86tatsd15gnnhmzdxwa0h5cvzwr0tzv9rb8893hg5b3m86yr4jymg7k54jh06vtw51xzwxntnhs4zd9bvvcp9ff4v2ky4t6z775rm3kdn77nyby9rbw03q4qttc04tv3v0geb3phhxjgyktg07efdpnq6bgtf9wrqfy64h34tqw7fqm62ayfta2sdwxvw39j812nqvfjr258g1ngz3ajdjdznr05hqnygav338v3r6gxavcgpcv4wtzptectwntm3fy52hjeqdcsvdfagyfazyj2mt8v9mfxh26g9c5vcyyxe1ma8c3q1q04k0kgb1bdpwzaecb6n3ktankvajc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%26client%3Dca-pub-3868038712334580%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78ec29e369a69196-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 48E3 10 KB
4 KB 39ms
36ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc171a46f16266cc870e95f5c1b470f0f0bb847231354bdb20857350f016c911

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g1h6m3q9haac9e57z4kxajjf6smfzg7cw0d0apza7q3g2xmw5md2fs9ns3tr1h4y5eptsgs4bz52s696jc8r1bapwa13mtf94ec9bjwh5cjx5rm3j4xmc2bfbn4nj5gdgg58jfz9kpj132kq88bcar3ts1cs3m0094w8hmeqbd3bxf0y3stg5dz9fv1ezc3dtk4csxvnq8atj4k6mera54r42ey6cz57eaj8paawmjs0bryxpk0x5t5fjx0abvj7301p8e0wbywz5ggrchxmzftdp5063tje02vh7q5ef05sqjg11kz0rehq6ax5wy3gfhd458t97z34swk2k3spvvw7jm4604e3nw8v9wmdj89fscdksx5wk5pcwv4ewgfzk92nn6gmth5d8nm4kzzbt3fp6pe3zbq9sm6mstj4xqxf0f1ac2de&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%26client%3Dca-pub-3868038712334580%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78ec29e379b49196-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 22:21:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame E766
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=75005700274460200951389012214014&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75005700274460200951389012214014&actionid=981741&produktid=&dt_url=

0
606 B

78ms
25ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75005700274460200951389012214014&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=fdfd9f947e&subid=&uid=31d28a14c7e204d6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3868038712334580%26output%3Dhtml%26h%3D90%26adk%3D3336119709%26adf%3D3347376195%26pi%3Dt.aa~a.307254967~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1674598901%26rafmt%3D1%26to%3Dqs%26pwprc%3D5217193664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Ftrfnews.i234.me%252Fwordpress%252Fbaudette-rainy-river-bridge-completed%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1674598901737%26bpp%3D1%26bdt%3D2936%26idt%3D-M%26shv%3Dr20230119%26mjsv%3Dm202301040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C468x60%252C468x60%252C300x250%252C728x90%252C324x250%26nras%3D3%26correlator%3D4505641949155%26frm%3D20%26pv%3D1%26ga_vid%3D1578566782.1674598900%26ga_sid%3D1674598901%26ga_hid%3D178886225%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D2264%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071789%252C44779793%26oid%3D2%26pvsid%3D3280575369490976%26tmod%3D890607478%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26cms%3D2%26fu%3D128%26bc%3D23%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3Dk8EZ5JGhhI%26p%3Dhttp%253A%2F%2Ftrfnews.i234.me%26dtd%3D27&ancestorOrigins=null&random=4693798749268&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 24 Jan 2023 22:21:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 24 Jan 2023 11:21:42 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Tue, 24 Jan 2023 22:21:42 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=75005700274460200951389012214014&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B9D59BA4:816E_91EFC182:01BB_63D059F6_11576B48:11271

GET
H2 200 / Show response
adv.office-partner.de/ Frame E7B6 930 B
931 B 137ms
18ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=fdfd9f947e&subid=&uid=31d28a14c7e204d6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3868038712334580%26output%3Dhtml%26h%3D90%26adk%3D3336119709%26adf%3D3347376195%26pi%3Dt.aa~a.307254967~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1674598901%26rafmt%3D1%26to%3Dqs%26pwprc%3D5217193664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Ftrfnews.i234.me%252Fwordpress%252Fbaudette-rainy-river-bridge-completed%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1674598901737%26bpp%3D1%26bdt%3D2936%26idt%3D-M%26shv%3Dr20230119%26mjsv%3Dm202301040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C468x60%252C468x60%252C300x250%252C728x90%252C324x250%26nras%3D3%26correlator%3D4505641949155%26frm%3D20%26pv%3D1%26ga_vid%3D1578566782.1674598900%26ga_sid%3D1674598901%26ga_hid%3D178886225%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D2264%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071789%252C44779793%26oid%3D2%26pvsid%3D3280575369490976%26tmod%3D890607478%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26cms%3D2%26fu%3D128%26bc%3D23%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3Dk8EZ5JGhhI%26p%3Dhttp%253A%2F%2Ftrfnews.i234.me%26dtd%3D27&ancestorOrigins=null&random=4693798749268&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 24 Jan 2023 22:21:42 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 31 Jan 2023 22:21:42 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

htlp Show response
futalis.de/ Frame 8297
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=75005700274460200951389012214014&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2134976655

350 B
401 B

51ms
14ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2134976655
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=fdfd9f947e&subid=&uid=31d28a14c7e204d6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3868038712334580%26output%3Dhtml%26h%3D90%26adk%3D3336119709%26adf%3D3347376195%26pi%3Dt.aa~a.307254967~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1674598901%26rafmt%3D1%26to%3Dqs%26pwprc%3D5217193664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Ftrfnews.i234.me%252Fwordpress%252Fbaudette-rainy-river-bridge-completed%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1674598901737%26bpp%3D1%26bdt%3D2936%26idt%3D-M%26shv%3Dr20230119%26mjsv%3Dm202301040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C468x60%252C468x60%252C300x250%252C728x90%252C324x250%26nras%3D3%26correlator%3D4505641949155%26frm%3D20%26pv%3D1%26ga_vid%3D1578566782.1674598900%26ga_sid%3D1674598901%26ga_hid%3D178886225%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D2264%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071789%252C44779793%26oid%3D2%26pvsid%3D3280575369490976%26tmod%3D890607478%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26cms%3D2%26fu%3D128%26bc%3D23%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3Dk8EZ5JGhhI%26p%3Dhttp%253A%2F%2Ftrfnews.i234.me%26dtd%3D27&ancestorOrigins=null&random=4693798749268&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 22:21:42 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2134976655
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 368C 2 KB
2 KB 173ms
77ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=75005700274460200951389012214014&nw=1
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: cc33154ddfc0365eeff9c8297343a86ca3822fffbb43427c9dc502b60471597b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
last-modified: Tue, 24 Jan 2023 22:21:42 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 24 Jan 2023 22:22:42 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame 3D51 7 KB
2 KB 34ms
12ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=fdfd9f947e&subid=&uid=31d28a14c7e204d6&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DJByzuOgLn0DWvnpiV19-tA%26exch_seat%3D20035004448%26mt_aid%3D6382479137241366315%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_cid%3D132163d0-59f6-4901-b69e-a9db0bb23e5f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCaKna9VnQY5KeMdCK-cAPydem0ArPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqAMBqgSYAk_QsOpvM0rkA_0yCmnBAK5-OWYdz4pCxjM10ncHlp84vM4yvIN7W06MhdgymmdDIC9wajsiIvQ8XCEWZjD0MtL7GqQhUYRX52IFzTs70BO5d26yA1P7jsFTypFZdLyY6rK0ccaLg7rwzaUkDOhhoPBQlwTkPUsg6I_RPgJq6JHfd37jMrgK0aWtcg3DLcavq2TvppiDyQoe8XPvCsSoeelwnDa1yFqYwYrWOUjufR_B3ee_Vkby0JKalQ8jc3MjOGS2SfByS-Qb7hcLRFvHO82SVr6SN42-cUSkMoUYI-q7-5j3S0NQQhdy7E8PcHPTcZOCjX1v4hrBaNGLoeRJ1anozRvdPgu5WvupdLJUICGnnKbymh7D-umABr7U1vzZmuidqAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_14XS1cQEJ_klgeym-rQOpkUVGXKw%2526client%253Dca-pub-3868038712334580%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3868038712334580%26output%3Dhtml%26h%3D90%26adk%3D3336119709%26adf%3D3347376195%26pi%3Dt.aa~a.307254967~rp.1%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1674598901%26rafmt%3D1%26to%3Dqs%26pwprc%3D5217193664%26format%3D1200x90%26url%3Dhttp%253A%252F%252Ftrfnews.i234.me%252Fwordpress%252Fbaudette-rainy-river-bridge-completed%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1674598901737%26bpp%3D1%26bdt%3D2936%26idt%3D-M%26shv%3Dr20230119%26mjsv%3Dm202301040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C468x60%252C468x60%252C300x250%252C728x90%252C324x250%26nras%3D3%26correlator%3D4505641949155%26frm%3D20%26pv%3D1%26ga_vid%3D1578566782.1674598900%26ga_sid%3D1674598901%26ga_hid%3D178886225%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D2264%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31071789%252C44779793%26oid%3D2%26pvsid%3D3280575369490976%26tmod%3D890607478%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26cms%3D2%26fu%3D128%26bc%3D23%26ifi%3D8%26uci%3Da!8%26btvi%3D4%26fsb%3D1%26xpc%3Dk8EZ5JGhhI%26p%3Dhttp%253A%2F%2Ftrfnews.i234.me%26dtd%3D27&ancestorOrigins=null&random=4693798749268&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 17756d2f03c3be774d2c0f61f2536fd099d37b94f3884ebdcac17fa5dbe80fce

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2077
Content-Type: text/html; charset=utf-8
Date: Tue, 24 Jan 2023 22:21:42 GMT
Expires: Tue, 24 Jan 2023 22:21:42 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 368C
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75005700274460200951389012214014
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=75005700274460200951389012214014
https://ad-server.eu/wm/pb/native.png

68 B
312 B

154ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:24:40 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA4:816E_91EFC182:01BB_63D059F6_11576B4A:11271
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A508 1 KB
643 B 47ms
47ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 07:57:21 GMT
etag: 48472445140208031
expires: Wed, 25 Jan 2023 07:57:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 368C 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19776122545729571bad05181717e04b7c31470d3037a924a497b07095136771

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 331F 90 KB
12 KB 28ms
27ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 544055
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blsIbsqHr3wAYcMxmYg%2BcAXVMdJC6HsZASXwCsAG7iGWTFzlCSbnhDXmKgPmBe2VjYjzMiGZKS0l1qPCW2RYH5NibOsvK2BlgINvdzSKexXci%2FL2n%2BYxfBHFWSq5oE3HjRw6Lmm0OY4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78ec29e3ba1b9196-FRA
expires: Tue, 24 Jan 2023 23:21:42 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 331F 53 KB
54 KB 37ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1055519
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKtsPTbucMuQS5t9GeY%2BQSxUFwv3p2VjeEGqfhKNgHtJR6k7oKdIlVxgsDj5vTb55%2FOkQPdbvw8lfjlYZRThP5AT35dIJLfVSZedHM2n%2BdeX%2Ff88xRR0mFxiNTH%2Fmqp5386Ew8GLWApFvl%2BX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9849b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2 200 BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
assets.ad4m.at/product_image/ Frame 331F 24 KB
25 KB 28ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BC686148DD030E5B6363B95E2B43530596C139B0E0801D1093B854C3C3E888CCB18DFB9C18089FB39D44F7EE9BAAA918E5EEDEB1DB55A3D91E411E85B4639142
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2255514
cf-polished: qual=85, origFmt=jpeg, origSize=151606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24794
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 11:55:08 GMT
server: cloudflare
etag: "d71e74a6f11e793171f7c83885ae5c26"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Fi1dFyCTpfJULAgGEt17729C8L%2Fu0FApGPqrCgZhkOmAv0W9uwIEd6FULIBsotqIg9YBi5UoLOqw1FwCCyzpSnZ0cNihYDfRR4wCEv1A7sM08yZkleTHDyXHy6QG6nXgLf2QWa0Ri2t5yGd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c97a9b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 331F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPq054Wf4fwCFVHvEQgddg0Ibg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suit...

49 B
1 KB

114ms
17ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023012423214280841840387X117679V1226132702MSviewoneidkkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Tue, 24 Jan 2023 22:21:42 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 331F 44 KB
44 KB 23ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433675
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nrmgtk2LJRuuBXVQb8djYOOHo%2BEBb0A1HiH093DiU%2B9YnygIdi1gm%2FjC6hu32sBvVOHwG1jHMlCQZv1RpvNOo8pKMCDB%2FN9kB9qCJiofgYvhlywyd%2BDLVFrkh0WDhzeoEJu%2Fk%2FpNVvArbpND"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c97f9b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 331F 222 KB
222 KB 27ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1877059
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KRpVKYsZGdUf1sjs%2FhTRcESrjbNmcG5z1opR1PWAysTiirYqq%2FU494PSsU1gzlDX98bfsAnzIOHXDQcpO8CcookN5mp9UUuq2ILv5Yhywov7W5cIft%2Feshfi9SMApeBQUx%2B01dGKzm4sB%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9809b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 331F
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab44e30-9c35-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

0
670 B

65ms
35ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab44e30-9c35-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 additional-webserver-green-175p (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 1027124775
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=d3d18b13f98238bb
cf-ray: 78ec29e49ba09249-FRA
expires: -1

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab44e30-9c35-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 331F 2 KB
3 KB 19ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2598583
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fch9sp%2BszZslHdvPou5ckMMtfz1r1gBVFOu3EM4Y1PTb9PVEYunO6sTLZ1ibV%2FWoS6TzD3oRY761vpRtIMZTWrR8j6Bo3eJofqmgpldpb75jsZmwS7KZTntBI5EV2isv0klUraE7VdVyR65X"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9819b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 331F 339 KB
340 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59040%2C14019%2C117569&b=kkDa5f3fKDQws4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfZkPYfpHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=58b4f65cfc535e7e086ea235b6a2fc65%2F2508537045653586728&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674598902197&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kg4gpbbanys1wjf95h8bkwwj6a8sfxpmn2awm4dtz1cnd6gks0z78ew2semjwspf2f01xp1xb6jabb66vartghph9tta8cba8dcw82kdcfvazh6a1yazxvg4vp69gbmq3x85vtdz7fdab5km43azgmbgkkexde1yczj9greay1rn5bwf77sb91m3vsn8hprqzh9y2zv4dr5p3jnpwqqzmmgpxfz41pbwfmqp8yr3ems62qb05zmbjn0tgmxyyanywdw392yfpwdyy4tftha5xq0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClJyX9VnQY5GmMY_QZLS1kqAOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzg2ODAzODcxMjMzNDU4MMgBCakCaqMdG0lCsj6oAwGqBJgCT9BSqkzo_LRnP0YBZGRyoZlzgXoUu_tbwfvHP8mtkM04agImGJTXcCtXp5w93SMV0X38ZsIrF_wxHHBnJYzhWQVZjAcwB6bMn_aTbzZG5jbU8ilVWN88by2qcW2DC5SUZ-qGE_MY-S_cygrjuevL_Z56Gz5YqdM0k1OIP-JvHEfNgMElbh6Yo87BwzEkDifil748uhTLPojXJ1UpkAhWVKloa0wxZiixch273FZgP_1ZcE126jpa4KOxXEZu8jPVtT7mw7trnAMtxPe484N-9txudacJY0QXdBzT1k_Nl-5creUnDNIoFaCWcdSl32E2AQ-6GGEUYh6KwBHRpWzGAf5cUfQs1xPI4Cx-udXjUqaZV_PHIi3X9IAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3T8N-rPCxfv_jT1TOY0E7QUtK6Mg%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2593205
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9O6rwmzinduHtWWCUTZ%2F%2BwGUc0xulub6CjZ8vYLWF6hWBBXel9rfNIiT6QOGHyZU46UBKDKUGkb%2F6gHkw8DR%2FEdKx8PO5fcSMp7w1ZFVYFaGAubLVvdFG%2BVPXx%2FiAuFYCulaMy9T4cIOIDE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9829b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 331F 43 B
704 B 69ms
36ms Image
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Jan 2023 22:21:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 48E3 90 KB
12 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 544055
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1uMxOQExg0sAjFgMZzSPpmQeJ0oVbjKNfFl3ccANVPN4OK7TSBEMvyOestHqdhxR3%2FWC1IecUzH%2FQo1zGLdvrdJDtxg%2FJ5%2FJQl0oysWLl0qM77UCaSbkcUWzwMOIOJVO8gwnb2tHM0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78ec29e3ca229196-FRA
expires: Tue, 24 Jan 2023 23:21:42 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 48E3 53 KB
54 KB 21ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1055519
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdZMSIKbJTpNSK63NPHAJncIBX8zX%2BjDXC2vlPBlR3KzyWQWK1MPWL6Z9R7nm4Y3l4bFNjpla83F3BSXIGUfYCdCSH%2Bi0TsjTUfhLGfGtNeDV7dVVP3kMbxW33AGp8I2y3LTU7Vscxfow9Q1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c97d9b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 48E3 23 KB
23 KB 32ms
30ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1012494
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F8e1PO9xfq80%2FUZovepVVW0m66QSFvWErS24sVZa6Otf55xSBnscPlxrWGCBAmWHIVoCMBBBkRDCsg2mxoY9j0FDJAYR8DyPpsLnbhjbd%2Fhxr8bTeCw%2F8L23xvoXDMMJNj%2F%2BYfM2i9iElEE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9869b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 48E3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CO-354Wf4fwCFViVdwodyeYBFw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...

49 B
1 KB

110ms
17ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date: Tue, 24 Jan 2023 22:21:42 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 48E3 9 KB
9 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445644
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD7AhigHcl%2BiSU%2F04uqYcFh7PjHGF6wUfD6c%2BTwpgpdvdXyVWQW%2BXbqgcAb98GmqPpeZFMMSoU93xI2YTK3FUnmQJ6BTEd8vWh%2B6bBZPZj3T7HapBlSumJddrvpQINNAcdVvRYbS2Lt%2BKuP7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9879b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 48E3 20 KB
20 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625638
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpC%2Fjlw0eKrZ1yW%2F35bsneTHIISAz0%2BucbsKVwKLX%2F5wm4U5WVltkBZkrZm3wCBHGPkdravh1zgxkxKNJQ5dd6x6ejOZ1wZt3kjDrznWjPpnt1dpEnFxvmT6xRNl48oL%2BrHzUiILj3E6nZgq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3c9889b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 48E3
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMy554Wf4fwCFauSdwodvQ8BIQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012423214280841840391X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

83ms
28ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012423214280841840391X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023012423214280841840391X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Tue, 24 Jan 2023 22:21:42 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 48E3 44 KB
44 KB 25ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 433675
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IC1ODxnv%2B3a5DXJTyo9vKOGJcVqb31XAdUgdC9fKwY2chaMBwZGAZnD7bl1nRmXGLeNBrEd6p8ZP0Qrz%2BeZAZP9PlGHXDA6qNx%2F%2FqHweEpWY4iTZRQ51upaBpjxeN9mSBmoKnOgIFUnOzS%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3d9939b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 48E3 222 KB
222 KB 25ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1877059
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRIm5Utf8dwPwaWmyVpBC4B7La86pfR1zj8N8KAcqFpJS4lTIvd9Ls7HSLJNLqgpXecrzc0mZkoVssfGOxNH9L59LrA%2FUaRIUCSTauRkzWGmwaOFdbI9mN3HWejnPyhg85TrFEmq4oV%2Bll%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78ec29e3d9949b8c-FRA
expires: Wed, 25 Jan 2023 22:21:42 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 48E3
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab67110-9c35-11ed-a333-22367016dc88&insert=AW&&gdpr=0&gdpr_consent=

0
291 B

54ms
42ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab67110-9c35-11ed-a333-22367016dc88&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19491%2C14019&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=300&d=250&e=&g=03083714d0dc092c93f2f09e727018de%2F12045882458123331373&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1674598902199&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gyz5c815waxs0skbry33ybqf1cserhvjdk87k9zeyqqrpdxn3mbkttj8xsas2kfp3b1ba9js9hgetjcft9m56xknex801kpvd9hvd3ja1yxn80b9pvv2sngfsnvvjejwceb73y7n68wtc9m2rhajajrzae80dgwptt758g85s7z3e2g8gg52r0dxxns3p4cck9mc68ag99t9q3gqkpmc6ppqtb7req0hgn6hvtwqg42435xwqk06k0eke175adxsdvebjd5ekrw7pbjjmk0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCVzSo9VnQY5P1L-yL-cAP8u6gwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zODY4MDM4NzEyMzM0NTgwyAEJqQILs85A8zyyPqgDAaoEmAJP0ExrWUMrhip52-NF1aMTS8dQLFTM81Qh1sYCKd4Eav0SYvlbOgw1L57fe2AtCFoqG-KO5TJPBgPukRs1BdxO6YwOE7kJDPK4nc5fdIR348BVoF8iATSjGKa_r2f1OFBQdtfgPAQ0VUe77vu2t45re73XjpZtP4FG5sRbOGgfzGdh3r4mHImWyNFhJ89OQcSBBVGe1Ge7Xj8UKWSFU0U9kMLQXzPH-39MWf0drfQxmA8y2O9qm3MyiTpkOnEc-bAu5ljmRXJ3tM_oUOS3lzmKVSm4edsynU4ZWW8TTKzIsZIt5_oxfrC-SdcGxOAxmGr3_bOwMOm8uItinfgLgfbeQfkoOC5Htsi_4B-31-AiyfRauZ0YHUNrgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1AwHGHC369698QkHY7oftPnlS5CQ%2526client%253Dca-pub-3868038712334580%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 additional-webserver-green-175p (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 1072144962
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=f5f7283208c61762
cf-ray: 78ec29e49ba29249-FRA
expires: -1

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1674598902_7ab67110-9c35-11ed-a333-22367016dc88&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3D51 1 KB
921 B 186ms
70ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 21:27:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Jan 2023 22:21:42 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3D51 16 KB
16 KB 38ms
13ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 739091df539cfef22920be3a21e07485ff9cb98cb78860424c030b67c0c27771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16269
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3D51 16 KB
16 KB 38ms
14ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0fc227aa17dc862085baa7bdf3b4912d030d5d4113e44fa73f6ef85f81d9ac9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16552
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3D51 13 KB
13 KB 37ms
13ms Image
image/png 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: edce6af465db75276107694a82df20117618776e23aa18436b5826de2517326d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13012
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A508
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP8_oxdzPn-6sJNX8DHZDo8&google_cver=1&google_push=Aa02lx8Ikwi5VC8fqd10TCfyFpCFC1bvcPy1MBXH8GtdwjNIbglcw7QQHKeTuTigZPGHL_sFThub_TPMw_-gc-B6ByulniALdM53OYg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODUyOTA0MTkyODQ2NTk5MjE1Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1

43 B
398 B

56ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGZ-tgJAEEEqRK4wmM7M0r4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame A508 0
173 B 62ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELBy7zT4dWLq1lgviklPOsY&google_cver=1&google_push=Aa02lx-gp5EcbqyO3u8ZHYOG_iELwDi-AOzn2ocBT3PIXvFUNMEsvJz16q-vxK69fw8LZQsZavyy55DYQgIrPuGVb__qWUsFx8IOi6r6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A508
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMpecCAIuMO68FWf8pjGrTU&google_cver=1&google_push=Aa02lx_dN2JsOpPj_HCFbrUGFMlMmasyBbKx0O5cT_Xb5CqCv4Rj2A_ojKVlTzDLCWUknYwTL5x-LRZO0fZZGIMtuhxXp71...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dN2JsOpPj_HCFbrUGFMlMmasyBbKx0O5cT_Xb5CqCv4Rj2A_ojKVlTzDLCWUknYwTL5x-LRZO0fZZGIMtuhxXp71-7IbRLJA&google_hm=eS1DU3NLdnNCRTJwRkd...

170 B
232 B

71ms
71ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dN2JsOpPj_HCFbrUGFMlMmasyBbKx0O5cT_Xb5CqCv4Rj2A_ojKVlTzDLCWUknYwTL5x-LRZO0fZZGIMtuhxXp71-7IbRLJA&google_hm=eS1DU3NLdnNCRTJwRkdXMEc2YnRIV3NPdDg4SXV1T1hSLn5B

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 22:21:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_dN2JsOpPj_HCFbrUGFMlMmasyBbKx0O5cT_Xb5CqCv4Rj2A_ojKVlTzDLCWUknYwTL5x-LRZO0fZZGIMtuhxXp71-7IbRLJA&google_hm=eS1DU3NLdnNCRTJwRkdXMEc2YnRIV3NPdDg4SXV1T1hSLn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A508
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI5IH_FAimGT5VExCN7yNd0&google_cver=1&google_push=Aa02lx8FJfFIWAUC6RZcYI_yv2YR3PGorUB-nAzV2kZzUhEkXtGLXCthsUZ8zFlYySxOX3-HrBU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERBU1k2UjQtMjQtQlhJMA==&google_push=Aa02lx8FJfFIWAUC6RZcYI_yv2YR3PGorUB-nAzV2kZzUhEkXtGLXCthsUZ8zFlYySxOX3-HrBUf9ZEvr-gE9JQZ-gOTf76uU1_lxwv0

170 B
188 B

70ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERBU1k2UjQtMjQtQlhJMA==&google_push=Aa02lx8FJfFIWAUC6RZcYI_yv2YR3PGorUB-nAzV2kZzUhEkXtGLXCthsUZ8zFlYySxOX3-HrBUf9ZEvr-gE9JQZ-gOTf76uU1_lxwv0

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERBU1k2UjQtMjQtQlhJMA==&google_push=Aa02lx8FJfFIWAUC6RZcYI_yv2YR3PGorUB-nAzV2kZzUhEkXtGLXCthsUZ8zFlYySxOX3-HrBUf9ZEvr-gE9JQZ-gOTf76uU1_lxwv0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A508
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHYHGHji9vBesNsEmcQJpsw&google_cver=1&google_push=Aa02lx-f89mJg3Y7ywAfmCVvCGRgdrCO9OSx9CMRZXe111euYFo0VWshrzkDxL6IKIe-UrACs2rD9dpqEz6ezVEMc...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f89mJg3Y7ywAfmCVvCGRgdrCO9OSx9CMRZXe111euYFo0VWshrzkDxL6IKIe-UrACs2rD9dpqEz6ezVEMcZuGb8ZirjRO7SkL&google_hm=GCsdsGZHSUnWlySARB...

170 B
232 B

70ms
69ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f89mJg3Y7ywAfmCVvCGRgdrCO9OSx9CMRZXe111euYFo0VWshrzkDxL6IKIe-UrACs2rD9dpqEz6ezVEMcZuGb8ZirjRO7SkL&google_hm=GCsdsGZHSUnWlySARBKS2qsD

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f89mJg3Y7ywAfmCVvCGRgdrCO9OSx9CMRZXe111euYFo0VWshrzkDxL6IKIe-UrACs2rD9dpqEz6ezVEMcZuGb8ZirjRO7SkL&google_hm=GCsdsGZHSUnWlySARBKS2qsD
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A508
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFSNe6msdgmUNaX54Ir1kuo&google_cver=1&google_push=Aa02lx-XZ61aEWuq4_9guL2m_6XeD1eV31oa9RrImftuifnqQt6GrNOiqnKX53Of8BIunOZGkWo4R24Nb_Vb...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-XZ61aEWuq4_9guL2m_6XeD1eV31oa9RrImftuifnqQt6GrNOiqnKX53Of8BIunOZGkWo4R24Nb_VbjJ5cq-ru4xphesO5KmMm

170 B
188 B

71ms
71ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-XZ61aEWuq4_9guL2m_6XeD1eV31oa9RrImftuifnqQt6GrNOiqnKX53Of8BIunOZGkWo4R24Nb_VbjJ5cq-ru4xphesO5KmMm

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-XZ61aEWuq4_9guL2m_6XeD1eV31oa9RrImftuifnqQt6GrNOiqnKX53Of8BIunOZGkWo4R24Nb_VbjJ5cq-ru4xphesO5KmMm
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A508
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF6lPvgyW...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEF6...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

70ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=8534ccd1-ce8a-4460-847a-c85fa8a076f0&%%GOOGLE_PUSH_PAIR%%
date: Tue, 24 Jan 2023 22:21:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A508 0
49 B 69ms
67ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LcXBuJigeE1BTY-qTyFLXOhtcP-STVnw0-GAyG9HKQgo6CUSjDgtxCouJ7jUnVhm608LuVdg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 8297 5 KB
5 KB 10ms
9ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2134976655
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame E7B6 103 KB
40 KB 71ms
71ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

850f02e9ada7fdb53185e69b9acb94a44c376e90a2b0b0bac65c00a0000e2d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40786
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 21:55:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 24 Jan 2023 22:21:42 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 368C 85 KB
31 KB 72ms
7ms Script
application/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=75005700274460200951389012214014&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 08:14:10 GMT
content-encoding: gzip
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 50853
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1S8Zed2qUdHLEIVV1659qv4KCYXCNPtYavpbFITx6JN0YqyY_WcCUg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 368C 3 KB
3 KB 58ms
8ms Image
image/png 13.225.78.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1674599202&Signature=dNfV3y5sFKSry-y9Hn~tnA41zMzzIBIkg3EhWYQdyI~NfKE8e9WBKZ~TixTG5nwxCLnggBGLYMaP8v6GPV5uCPI1xmIfNXoazZitpBAtwZt8sWp3BX4QpdmZUhRpD~7XfJkMAxN9JDNxtW-70Up4EiG6q~4QGXgnOA5meiAonhkxEyfXuln6m82PIqRQqd8OiLo-ODuXzYPHzzH6w6iPij2-1ejeMDBPzC1QEN-O0Dnh7U1ZId9KYCsGXkZeCd-MuYIsgyAbU8COZdMncW0eEBRP6yHwlXzIODkS1bNXBql-7kRDE5vquRo4hRBOXeBb62fL1Eg-uHzH1v00LFayJw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3868038712334580&output=html&h=90&adk=3336119709&adf=3347376195&pi=t.aa~a.307254967~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1674598901&rafmt=1&to=qs&pwprc=5217193664&format=1200x90&url=http%3A%2F%2Ftrfnews.i234.me%2Fwordpress%2Fbaudette-rainy-river-bridge-completed%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1674598901737&bpp=1&bdt=2936&idt=-M&shv=r20230119&mjsv=m202301040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C468x60%2C468x60%2C300x250%2C728x90%2C324x250&nras=3&correlator=4505641949155&frm=20&pv=1&ga_vid=1578566782.1674598900&ga_sid=1674598901&ga_hid=178886225&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2264&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C44779793&oid=2&pvsid=3280575369490976&tmod=890607478&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=23&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=k8EZ5JGhhI&p=http%3A//trfnews.i234.me&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 24 Jan 2023 08:11:25 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 51018
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: LrhnvVmeJToSi6KC1SCx7rUrwGXAOYuFwtgbHFqsOqAyEmi6hZcRnA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
82ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230119&jk=3280575369490976&bg=!5eal5qLNAAYDMoyoIzI7ACkAdvg8Wk08668R7kPFvVbt40hN0O8p62Sg1K1SsJXbBbrE5Ocvt1vqUAIAAABRUgAAAANoAQeZAqgv6cqNEidaY4x9FWngSehuKfnAoIHzBdukSJFUnsiNU0Na7mk8STT5maWhNxUPROGYv3LC7eeHZ_73glpPMRc0uP6jjjoMpNEDFfYcdcPIjmvSmxuzDJs1-6xjEisr_FY7xs_J3FMv73Dy0jIDyUffJSE3fDLCRjJI0ndiXoYdqPBalhw3shAoGA5Rgf1BpxAk6K5tc_NFn0-i7Yyg3L9FnHEotZ7F47BF6VmNF3lYpxpbshRWBIixzlcdJsEjpJUJT3ycni-eW7OCxbFl711Mm6IMiAICeOqncDxHEC_Ek9UA4BYoG4G0-EF8zEgW0ZdvNIAlrMVTPh6kkkunV-TEgr4SaiBdB7J1DkLC2F36obGaKCLvGysTJvGs1-YgfsXdobY3HyAdoSR8ijEGQcxCS4rpOjqquD_VBD100AvUy5c_r5rGDToBS87qUgrPMyANxLj8GfP0W-kHY23b_dQEdIy5i8mBes0q6iDrwGPlNEO8f0NvBhOaIwmvXs_b9bqEmKPqQtL9brFYdhXDv0k1zPGlyYCAI13Sl9U9lcyoUEWIMHo7jc4CcwmoMTecgcrBHNhOd-1jt0Ht2N5WZc5TgzuU_kzWHsj8SknJcjbuJH6OtcqGlF_JIDNbtq_Y2idiHAAfnTxDGqZa-JlDawbeg_mkr_MwKd3MEuvtVDlLs4GQtdjPjqnnHw4qjlLwiLtUDcqx43JaY0QPxFH_qwy1ZLPh51m2dlV9N12Wui1o6tRaOb7bkUmhk2CK-zIuQq1r95iqFnPIGWGsE1KVypyAVR7pYq70emMUyZm69eAkLo_Q2X_KbhdFOeZNDh061AXYjO1n4px2yfQ4sb5H5WkwGC_sPraxb-hiATbuCAQaA-Y98nWIOIZFd2cQB0UiWgox-JtJRsoHcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame 3D51 0
150 B 33ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=75005700274460200951389012214014&a=3ada525e&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=75005700274460200951389012214014&a=0b66f755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:42 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 800E 28 B
54 B 50ms
50ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
X-Goog-Request-Time: 1674598902895
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EDaFPnV2fxc?enablejsapi=1&feature=oembed&wmode=opaque&vq=hd720&&&
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtpZGdaMGFEYlFSZyj0s8GeBg%3D%3D
X-YouTube-Ad-Signals: dt=1674598900247&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C560&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 24 Jan 2023 22:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 24 Jan 2023 22:21:42 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 368C 16 B
232 B 55ms
55ms Fetch
application/json 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-236-156.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Jan 2023 22:21:43 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 355ms
19ms Preflight 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-236-156.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 24 Jan 2023 22:21:43 GMT
server: nginx

GET
H/1.1 200
OK loadingAnimation.gif
trfnews.i234.me/wordpress/wp-includes/js/thickbox/ 15 KB
15 KB 150ms
150ms Image
image/gif 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trfnews.i234.me/wordpress/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: HTTP/1.1
Server: 184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS: 184-99-181-52.frgo.qwest.net
Software: nginx /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 22:21:45 GMT
Last-Modified: Tue, 17 May 2022 16:53:37 GMT
Server: nginx
ETag: "3b86-5df37fb5e2640"
Vary: User-Agent
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 15238

GET
H/1.1 200
OK admin-ajax.php Show response
trfnews.i234.me/wordpress/wp-admin/ Frame D046 2 KB
1 KB 601ms
600ms Document
text/html 184.99.181.52
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to

Full URL

http://trfnews.i234.me/wordpress/wp-admin/admin-ajax.php?action=likeboxfrontend&

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

HTTP/1.1

Server

184.99.181.52 Fargo, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),

Reverse DNS

184-99-181-52.frgo.qwest.net

Software

nginx /

Resource Hash

2f6fa62852f4a3f11a1e8a9f2b1db2bb00471b06751e89fddf6250797935b6d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://trfnews.i234.me/wordpress/baudette-rainy-river-bridge-completed/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 678
Content-Type: text/html; charset=UTF-8
Date: Tue, 24 Jan 2023 22:21:45 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=20
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noindex

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer: http://trfnews.i234.me/
Origin: http://trfnews.i234.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2

200

page.php Show response
www.facebook.com/v11.0/plugins/ Frame ED57
Redirect Chain

http://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=j...
https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=...

96 KB
28 KB

149ms
132ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false

Requested by

Host: trfnews.i234.me
URL: http://trfnews.i234.me/wordpress/wp-admin/admin-ajax.php?action=likeboxfrontend&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

17c7f68f2580934596614050fcbfd1b7f555b5e3f7e56cbf39e4673da793a487

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://trfnews.i234.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 24 Jan 2023 22:21:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: OrofX3YYB13x/fdnRi+642S0kfbV9FmmiSi0UWDN9O9ZKO7HXLbV9lu0YptfQy0ADgwr5aLsGzN2a/o9Xy73nw==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false
Non-Authoritative-Reason: HSTS

GET
H2 200 SGuzYJNhFV4.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/ Frame ED57 19 KB
5 KB 41ms
8ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/SGuzYJNhFV4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

5b9c05c33703327748a37ab816e055a6c4983491723ab74553fdcf5bae37649a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: y7vfhv378ouRAA5jkVw0Fg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4990
x-fb-rlafr: 0
x-fb-debug: gfD5iHcQF6TzccTa4UzjMMp3CtvWHpRJYph3GObScqI+F3eU/oU3f9jczktmzKhqLnUZUtKuemzIWi2Ajkqo2g==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 24 Jan 2024 16:41:22 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame ED57 2 KB
1 KB 42ms
10ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: gO9ZGx8t1a6DJb3AVVUqBptHfrDkM3Qt441VA51bRuhrv/SIaN8GUpkeZbh8iSgahKS7Bk0jIm31bbIbWfZKTQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 20:40:09 GMT

GET
H2 200 5Efu-Dd9ERG.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame ED57 33 KB
6 KB 42ms
9ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fl5R7gBdn+7q3joF/eO71w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6398
x-fb-rlafr: 0
x-fb-debug: RsGBAC0MtHBcqAWvmv87NhI7V+y1+UQZmpC0MGu+mhy8s9luWDiA8eD2zUxZay6iSfeZlJ6fjz5OBg9g9D19ig==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 21 Jan 2024 16:52:35 GMT

GET
H2 200 H8L1eW8yGI_.css
static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/ Frame ED57 18 KB
5 KB 42ms
10ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/H8L1eW8yGI_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

173d9efc09c736949d2683d7f8d60412c46d50a1ddf3fa28714184fffd29aa17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Kxn+gt5Fgx243M4XDB9fnA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4825
x-fb-rlafr: 0
x-fb-debug: v+dWcAwtvvbBkph1CWfjxwMY7oOGr0hMmLvSD7BGlZQq11C2/PC//nbV3mJFuJw5lqdMXu2etMFtv+hFNikQGg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 24 Jan 2024 16:41:23 GMT

GET
H2 200 pYJEREWCLUb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame ED57 305 KB
81 KB 47ms
15ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/pYJEREWCLUb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

591239419a61109f75c2fb33cc207d22430ba87ce884153a580e041c20d00fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6y3GOCTU7cfeNwzpYU6gWg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82762
x-fb-rlafr: 0
x-fb-debug: OzpSR6E1GaJVMb+g1qannEzkSHlkaP5by5U4jtEjTGAjN0UaX2IPisnBosXjCc8NuJFZjby541V+5UUyyL8nvg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 24 Jan 2024 00:06:05 GMT

GET
H2 200 8LoDHCcRMmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame ED57 38 KB
12 KB 47ms
16ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GtFa/ANPMQQnyBsHWWA6Kw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12334
x-fb-rlafr: 0
x-fb-debug: x7USL+bEO//8c6D5pcdBFqcN0bMjT6umwEcOaCuEEVUI1HwXgk9SeHq+IaEyTNeysyUXT/LCBRoka3NxjJo6ow==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 00:45:21 GMT

GET
H2 200 6y4CCZM5a8v.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame ED57 52 KB
16 KB 58ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/6y4CCZM5a8v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f9b02d9acd1f5fdb1c1dde6732e91163ba551f4994f15387e493a2dd514da9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lzSgJnsApQyOt2FL7pxlRQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16276
x-fb-rlafr: 0
x-fb-debug: 8ntRWNRss5fowDMs+bLT7J1paKyUOVWkM+pHR4uzZfsLImTnl8viX7DZj43tYoDqfcA1PpfLLlx7qVTDPnv5Vw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 19 Jan 2024 01:28:56 GMT

GET
H2 200 jF56mpSoBYl.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/ Frame ED57 84 KB
23 KB 47ms
15ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f22116eb2a3d113dec393ac9e20db766c16a14fe66ca8a12ffe50e6f78899dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +Mo6uDla+PvSU5G0RbtmcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23510
x-fb-rlafr: 0
x-fb-debug: vteKGxoJEj5uqqCYPQZU8nAX/RgcUokM2KTOxR2A9z0ui0rk7J4S0zDv/Rq00VCSwQKBVfHidKAix6dagX4/qA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 17:03:06 GMT

GET
H2 200 6A3gWPe90QC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame ED57 6 KB
2 KB 59ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/6A3gWPe90QC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ded62b6146239bfba0a285a0257eada06855fd5e14eb73235cd465030c9cce82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4CmBqPewDD88S+ZqlprsvA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1738
x-fb-rlafr: 0
x-fb-debug: dClqdSTHiV+a4eTXBrAvq4Azh3n2uLxz97kj67QQsFo014RvxGZy1GR9+7+aaAr9etMUtAbpIrbGKs8SdPB27w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 24 Jan 2024 16:41:22 GMT

GET
H2 200 Ee5F8RC9yUZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame ED57 56 KB
17 KB 58ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/Ee5F8RC9yUZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

92def1439873e7df4f49a513288e9c6816cbe64f86615736698c5ae99bb67d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /uN1ZYNdrpBJtBV3GuW6uA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16870
x-fb-rlafr: 0
x-fb-debug: AD0bC2Q+S6i/dwNfao7SahUQcc3bpWgdsr4BG4GJvY5gkzxeDFBOrqqLZt+Xoo9nlErY5oCldW5veGQLuH1M/A==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 24 Jan 2024 16:41:22 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame ED57 507 B
487 B 56ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-rlafr: 0
x-fb-debug: ZzO/obqAqSwEuQFeY2i/35/U2Up6dTrxmsLp4VvrOTNRzPOQnUDr2+S5IEeGEAWluCXHKJTG7qMfJfVrhZAbKA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 00:44:59 GMT

GET
H2 200 s0faeuC9AwY.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame ED57 189 KB
55 KB 56ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/s0faeuC9AwY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

975bd283d69beed7a09854e0e1cb076628ca03ce96c85a2d3a16bc07bc18327c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Z0bW5cJQEKK0dRcfXhXlyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56377
x-fb-rlafr: 0
x-fb-debug: XVz2YShnatT9sy0AZ4x9DraVJd7MUNM99MPusRtXy/RR0OktvivFt/KpEnJ1cWBdpTXHdEQDaNzt88K2McgLvg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 18 Jan 2024 21:18:30 GMT

GET
H2 200 XX1F1Uj33Ew.js Show response
static.xx.fbcdn.net/rsrc.php/v3ivrH4/y5/l/en_US/ Frame ED57 334 KB
78 KB 56ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ivrH4/y5/l/en_US/XX1F1Uj33Ew.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

0fefb7ebc7fe59180a654afca4fef66ab766e77c5bf5266951c6952113d3735a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lL5U5lfCC/Ord7M15Sf1XA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 79518
x-fb-rlafr: 0
x-fb-debug: LrQPryH7qtLSj9sy+FmFNZ4efTKwBBOenKzGsyLiFCX6KEZTUsaBxEA4mvOM4uYw6LifGHkqcA5S/QgAnGGAKA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 18 Jan 2024 19:01:06 GMT

GET
H2 200 4i7BFFNL0Cz.js Show response
static.xx.fbcdn.net/rsrc.php/v3i59j4/yr/l/en_US/ Frame ED57 424 KB
99 KB 55ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i59j4/yr/l/en_US/4i7BFFNL0Cz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

b5e632e1b09b2816dc8f0161e50baa361013b40e43244245a0d4714589790e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gqYoNP+jIAXaNZK/6FKE9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 101454
x-fb-rlafr: 0
x-fb-debug: NmSC/Sdu6c6z2PzURv+mNJg+WJVlKl1SnqbLEiMO308ARQcdXX91TYMOciHtv+/m5gxmu07x8EzlbMwzQqqQYw==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:29:20 GMT

GET
H2 200 elvGmxOyMJZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame ED57 5 KB
2 KB 56ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/elvGmxOyMJZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

dfaad407f979d4d112c26c52cc9c2347560c8099f765759b90e323361c65dd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HVKLWHNGsk1+NvOIHC1qdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1728
x-fb-rlafr: 0
x-fb-debug: FOUgieuv4PMPdoLdNo1IpaBiJX49Ohv5r23qbFmTuJ4wJY81dwY8SzKc/isubJhtScMQmbU/g+FMotO+wmX2pQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 16:45:31 GMT

GET
H2 200 hWOdyLOhufr.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame ED57 22 KB
7 KB 57ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/hWOdyLOhufr.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

202af825bfe28ded4b94e6c1d7aca76457dc86385eb03de99fe933df7b2b56c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RULFh5VSM1HKz+zbMV66AA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7168
x-fb-rlafr: 0
x-fb-debug: Ji8RnTG4u0vyRrmYTVnn5l5bQSH68nftbb2zwvkLZJ1jF5ZYOK6DXBRCnH7O6I79ddxaw49ipaAR6NflFBuOfQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Jan 2024 01:29:01 GMT

GET
H2 200 cDcOw13Y5VI.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yI/l/en_US/ Frame ED57 19 KB
5 KB 57ms
27ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yI/l/en_US/cDcOw13Y5VI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

5587b3f52f5f915c15bc89416f81cf20bc1af24e92c95c872c710b3d4e024584

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YXg1M5CGxwAzK/D2Rfa0zg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5459
x-fb-rlafr: 0
x-fb-debug: Ds7IxgRQXIxS2fFMAxUYwZM9B/a//xCRIGOfIoMw48OR4G+6w6exCR3nuWYE1cDX3iaBgNzez2OQqnhI7HmZTg==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Jan 2024 17:03:06 GMT

GET
H2 200 hL7ZHyhHu-8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame ED57 10 KB
4 KB 58ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/hL7ZHyhHu-8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

fe09ba598dd6a139b86f923e80da2541bdeb08b39c4edec220c206254d69ace2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UrNzd0F4HmOn0+lOdldURQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3527
x-fb-rlafr: 0
x-fb-debug: J/UCPfiapETzEo4r9+p0hYSMFMOOkRRPaXSg6M/rk8Nf5ibIaLyj9OYQfsYE16O5pR6DsB0g+iegip+SlHI2yA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 12 Jan 2024 02:59:48 GMT

GET
H2 200 2f61oWyjOj5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame ED57 14 KB
5 KB 58ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/2f61oWyjOj5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LzvT9doqy1WCjF3O/eiidA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5358
x-fb-rlafr: 0
x-fb-debug: pWDS2xsDadLpCT93LfhpnonSHOoMRp7++LxocI8UjSCo4PH/HfGsQNWdmHovVigoUQ4D9llfaXIKxqL+QoZqUQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Jan 2024 20:35:01 GMT

GET
H2 200 h8ulkmpky8f.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame ED57 55 KB
15 KB 57ms
28ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/h8ulkmpky8f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lbhbphR1BNPxW6RqDJiiow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15174
x-fb-rlafr: 0
x-fb-debug: ouWVtJyJ8qCFBEk8449hmnrLXDMrw4QpGpuXqAuyXuNSE49nx/QU8zJqt631YgIz7ixThFBb7WTgu/4CKs3tPQ==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Jan 2024 00:45:17 GMT

GET
H2 200 326152862_503934835209491_8278823623149895824_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/ Frame ED57 31 KB
31 KB 94ms
29ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/326152862_503934835209491_8278823623149895824_n.jpg?stp=dst-jpg_p526x296&_nc_cat=105&ccb=1-7&_nc_sid=dd9801&_nc_ohc=BU-X5U4l2WYAX_6v4wr&_nc_ht=scontent-arn2-2.xx&edm=AHhUBXQEAAAA&oh=00_AfDtLMs8AlwVlXjBsEfOgXLUpAZ_-WpR4WaNhu5pdIiHXQ&oe=63D5E8C2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8a773e88683c82fe09782ccdb00676c0ef9845b104b1ef288dcdea7cc5bd272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-haystack-needlechecksum: 1504738282
date: Tue, 24 Jan 2023 22:21:46 GMT
x-fb-trip-id: 1904183273
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 16 Jan 2023 17:09:41 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1440023124
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2860682617
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 31459

GET
H2 200 279574540_403334798465265_4408455865566027260_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame ED57 2 KB
2 KB 94ms
28ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/279574540_403334798465265_4408455865566027260_n.jpg?stp=c0.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=3O6nrrOuaOAAX_9P50x&_nc_ht=scontent-arn2-1.xx&edm=AHhUBXQEAAAA&oh=00_AfB-0iyTUb02micaiXss6WRkxQ_A83Cnl8qOex2vMZejCg&oe=63D47483
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2fe87891ef90627523759dc0c486c8f8b49f9d787bc320b494e7cc32e20149f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
x-fb-trip-id: 1904183273
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 01 May 2022 12:20:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2886009778
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3121583367
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1568

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame ED57 573 B
628 B 18ms
8ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/SGuzYJNhFV4.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0,cross/SGuzYJNhFV4.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: 5/5kXA8BJZgDnLSnp/T0bIsXndE1tid2RslibE+8IV/dBKY9JHZkyGLSRwr9fPML8fuMoCSvSZclYxEJQdsbEw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Mon, 22 Jan 2024 07:50:46 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame ED57 968 B
892 B 33ms
32ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=873881955965734&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yN/l/en_US/jF56mpSoBYl.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

c1ed5fbbbb0ad6d92a600d0968caae207b1e94d62bba562b5a2d25b5d01a7ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: Suz4nwjTIOmUgeJOYkdQNn
Referer: https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 22:21:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: lu1JqxRYKFszgWJfcsQoPxOdSAPRWNCZJaekkD2/9Ekg+j5kmJ2J0Hc+ntatQq55VwEj8EuaWWjhbIKxdXd88w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 oeqmiD6VWLH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame ED57 344 KB
75 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/oeqmiD6VWLH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/pYJEREWCLUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

4b30873f9306be94b1b4858dcc61f0dc4c1ce71c64a7c404b916016bea12b15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NP+GOp0r4PfzcNfn4ip9/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76828
x-fb-rlafr: 0
x-fb-debug: GV0u1rRrkJfBB1TMQb28m9kZ5lveoQpFW+KCTjYBw7FHArG2Tq47qwY/+0q5njVppjI3nc8zBkUmKf94rXJpBA==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 20 Jan 2024 19:18:56 GMT

GET
H2 200 BqEjD1dj1pL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame ED57 840 B
551 B 11ms
10ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/pYJEREWCLUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uknKQ5sJ+8vBWLiIBWWBIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 356
x-fb-rlafr: 0
x-fb-debug: +pcFwvPk025YfsBUyRbU+k1wM1JGbWV3YK0/3Th/gpIlKvhhphZCdRypHFB1vunjPLUkGNHOzgC+DiMWs8iq3w==
x-fb-trip-id: 1679558926
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 11 Jan 2024 00:44:48 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame ED57 12 KB
12 KB 9ms
8ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/5Efu-Dd9ERG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-rlafr: 0
x-fb-debug: w/8+OK7DSFTYgXhBiPq+rk8Xmpz5g0QIzwLXJeDisax7WGT9/+9SHwGK+AOkyymQ4E4UR4OfaZ8Z3gPFSqiLtw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 24 Jan 2024 08:33:46 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame ED57 198 B
254 B 7ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/pYJEREWCLUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 22:21:46 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: 1EZnCASd/dE9YsKbIB99/seaoFZSQC09d+TngAABEGQcnalRSYmGyIbiRZ0Th2bRLTjlY8MGrYIv3CoYIM4XhA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Jan 2024 01:34:14 GMT

GET
H3 200 /
www.facebook.com/login/ Frame ED57 0
0 68ms
68ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv11.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26container_width%3D500%26width%3D500%26height%3D150%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTRFNEWSs%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26tabs%3Dfalse%26small_header%3Dfalse

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/pYJEREWCLUb.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v11.0/plugins/page.php?adapt_container_width=true&container_width=500&width=500&height=150&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTRFNEWSs&locale=en_US&sdk=joey&show_facepile=true&tabs=false&small_header=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 24 Jan 2023 22:21:46 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: JP6aEPcQ7twjnmTw0uf/rF98xt+S6NfD6qmeB+YNYB9flRKCtjb6Ogs4L/G9dIY1aa0NaqdwApqP1WnMl9KEpA==
x-frame-options: DENY
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

334 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trfnews.i234.me/	1970-01-20 18:45:58	Name: _ga_NW06L14YXV Value: GS1.1.1674598899.1.0.1674598899.0.0.0
.trfnews.i234.me/	1970-01-20 18:45:58	Name: _ga Value: GA1.3.1578566782.1674598900
.trfnews.i234.me/	1970-01-20 09:11:25	Name: _gid Value: GA1.3.2138999625.1674598900
.trfnews.i234.me/	1970-01-20 09:09:58	Name: _gat_gtag_UA_129116107_3 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Q2mGlhqkGtU
.youtube.com/	1970-01-20 13:29:10	Name: DEVICE_INFO Value: ChxOekU1TWpNME56VXhNRE01TVRVd09UWTROQT09EPSzwZ4GGPSzwZ4G
.youtube.com/	1970-01-20 13:29:10	Name: VISITOR_INFO1_LIVE Value: idgZ0aDbQRg
.doubleclick.net/	1970-01-20 18:31:34	Name: IDE Value: AHWqTUnPKWzJOp4AEPVGEl8FKaHFuVvA_dhPovLPxxtvB7654UHoYJh46U4PTFkiYw8
.simpli.fi/	1970-01-20 17:57:01	Name: suid Value: 8B074A76C45A4E14BB69B84FA05490DB
.adfarm1.adition.com/	1970-01-20 11:19:34	Name: UserID1 Value: 7192347518012553362
.ctnsnet.com/	1970-01-20 17:55:34	Name: gid_CAESENXHKDct4Kvuzor-HuqJz30 Value: 1
.ctnsnet.com/	1970-01-20 17:55:34	Name: cid_3d3ef7ff5d744498a3c2c1fe8954f790 Value: 1
.ctnsnet.com/	1970-01-20 17:55:34	Name: gid_CAESEHQpq_gHvPflJ50gzNBvz1s Value: 1
.ctnsnet.com/	1970-01-20 17:55:34	Name: cid_c0e6512067184207ad5a737845761ca9 Value: 1
.w55c.net/	1970-01-20 18:40:13	Name: wfivefivec Value: V41Qerjk1PkrFI5
.w55c.net/	1970-01-20 09:53:10	Name: matchgoogle Value: 5
.lijit.com/	1970-01-20 17:55:34	Name: ljt_reader Value: GCsdsGZHSUnWlySARBKS2qsD
.yahoo.com/	1970-01-20 17:55:56	Name: A3 Value: d=AQABBPZZ0GMCEDdAztKQ_izmkIuBvnCKSOMFEgEBAQGr0WPaYwAAAAAA_eMAAA&S=AQAAAu63YcNSxcAoYXa8jIMfUHM
.1rx.io/	1970-01-20 17:55:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bd326787-3b17-4954-b481-d40961a6cb4d-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 17:55:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-bd326787-3b17-4954-b481-d40961a6cb4d-003%22%7D
.mathtag.com/	1970-01-20 18:35:54	Name: uuid Value: 0e5563d0-59f6-4b00-b532-9a6f5d377bb7
.mathtag.com/	1970-01-20 09:53:10	Name: mt_mop Value: 4:1674598902
.retailads.net/	1970-01-20 09:53:10	Name: ppb2172 Value: 2134976655
.bidswitch.net/	1970-01-20 17:55:34	Name: c Value: 1674598902
.bidswitch.net/	1970-01-20 17:55:34	Name: tuuid_lu Value: 1674598902
.bidswitch.net/	1970-01-20 17:55:34	Name: tuuid Value: 8534ccd1-ce8a-4460-847a-c85fa8a076f0
.awin1.com/	1970-01-20 09:12:51	Name: awpv20044 Value: 412871\|1674598902\|7ab42722-9c35-11ed-a333-22367016dc88
.awin1.com/	1970-01-20 09:14:18	Name: awpv11354 Value: 412871\|1674598902\|7ab67110-9c35-11ed-a333-22367016dc88
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.blismedia.com/	1970-01-20 17:55:38	Name: b Value: 63D059F693FA3E51AD2388B1BLIS
.turn.com/	1970-01-20 13:29:10	Name: uid Value: 8601099522503920088
.futalis.de/	1970-01-20 10:36:22	Name: raSIDb Value: 2134976655
pb.media01.eu/	1970-01-20 18:45:58	Name: DTU Value: 2C314233733730A31D309A5F4FB17D4B
www.conrad.de/	1970-01-20 09:17:10	Name: HTLP_timestamp Value: 1674598902
www.conrad.de/	1970-01-20 09:17:10	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:10:00	Name: __cf_bm Value: goQ0VkYenCDrXL5wEbbzkWxpPrp47t6TFUfLY9tyoYg-1674598902-0-AdAXoozDFgEO311t9mtHBiH2pfWqrK5lzfFcgb6Smy2bJAmGgs6VNp1yXS7cjl2WlqKVGoP9HAIVwhm+CwJNW2U=
.office-partner.de/	1970-01-20 18:45:58	Name: source Value: {"webgains_webgains":{"timestamp":1674598902636,"clickCookie":false}}
.blau.de/	1970-01-20 09:20:03	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDU5ODkwMnZsZWExZGUyMDIzMDEyNDIzMjE0MjgwODQxODQwMzkxWDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 09:20:03	Name: nscQ486 Value: V
.blau.de/	1970-01-20 09:20:03	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023012423214280841840391X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/	1970-01-20 09:20:03	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 09:20:03	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDU5ODkwMnZsZWExZGUyMDIzMDEyNDIzMjE0MjgwODQxODQwMzg1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQzYmdGcGYxNFVaclpVN0hySEF0RXQ5OTdmOFRXVFJlYWRvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTIwMjEx
.o2online.de/	1970-01-20 09:20:03	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023012423214280841840385X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3NDU5ODkwMnZsZWExZGUyMDIzMDEyNDIzMjE0MjgwODQxODQwMzg1WDEyMDIxMVYxMjI2MTMyNzAyT
trfnews.i234.me/	1970-01-20 09:12:51	Name: facbook_like_box_popup Value: facbook_like_box_popup

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/13.jpg?v=1670241907 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://trfnews.i234.me/wordpress/wp-content/uploads/2022/12/1.jpg?v=1670241682 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://trfnews.i234.me/error_204?a=logerror&t=jserror&type=SyntaxError&msg=Failed%20to%20execute%20%27postMessage%27%20on%20%27Window%27%3A%20Invalid%20target%20origin%20%27data%3A%27%20in%20a%20call%20to%20%27postMessage%27.&line=Not%20available&level=WARNING&client.name=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
analytics.webpushr.com
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
bot.webpushr.com
cdn.retailads.net
cdn.track.production.webgains.team
cdn.webpushr.com
cm.g.doubleclick.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
i.ytimg.com
jnn-pa.googleapis.com
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
scontent-arn2-1.xx.fbcdn.net
scontent-arn2-2.xx.fbcdn.net
static-de.ad4mat.net
static.doubleclick.net
static.xx.fbcdn.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trfnews.i234.me
um.simpli.fi
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
13.224.189.115
13.225.78.30
138.201.84.252
142.250.180.230
142.251.39.66
145.239.193.130
167.233.14.134
167.71.57.196
176.9.26.250
184.30.20.207
184.99.181.52
185.29.132.242
185.29.134.248
2001:4860:4802:34::36
213.19.147.45
216.52.2.19
23.67.134.223
2600:1901:0:76b9::
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6812:7f05
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400d:803::2003
2a00:1450:400d:804::200a
2a00:1450:400d:805::2002
2a00:1450:400d:806::2001
2a00:1450:400d:806::2016
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2002
2a01:4f8:d0a:2321::2
2a02:fa8:8806:16::1370
2a03:2880:f00a:11c:face:b00c:0:3
2a03:2880:f00a:e:face:b00c:0:3
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:cbf7:2d7b:a2a1:22ee
2a0b:4d07:401::1
3.10.236.156
3.65.84.173
3.68.24.7
34.96.105.8
35.176.33.61
35.186.193.173
35.204.158.49
46.228.164.11
46.4.62.19
51.89.9.253
54.76.176.197
64.225.42.52
64.227.60.121
69.173.144.138
84.200.5.215
85.114.159.118
88.198.250.30
88.99.63.132
94.23.99.218
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07eedabca3ad6616a40e1253b51c2b398db458c0d088217e663880cfdc4c96c6
0a115fe3f8c7e9cbdb6849e07004e1c1d21df8d0bd2efb30b36eb6d24a947667
0a54e371c1e7e371d283d6e214097d2367e1dc7d7324292b3d4ff30a6094f762
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbdba4e3ae519ca99e112e64fc41409518bc3356804b0a52116c4d88def2774
0fc227aa17dc862085baa7bdf3b4912d030d5d4113e44fa73f6ef85f81d9ac9a
0fefb7ebc7fe59180a654afca4fef66ab766e77c5bf5266951c6952113d3735a
1008e0fea1bcea71d721ce0187eba5979aee7626901ea11940898b0db51320c0
10a2439001d53cac93726a7b6f5b1fbc3dc1af341589c3a1759703c66bf21fed
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
173d9efc09c736949d2683d7f8d60412c46d50a1ddf3fa28714184fffd29aa17
17756d2f03c3be774d2c0f61f2536fd099d37b94f3884ebdcac17fa5dbe80fce
17c7f68f2580934596614050fcbfd1b7f555b5e3f7e56cbf39e4673da793a487
195cc8d1cc568e2ad7f92ec4d0ce8fb785476f79d603a785c542ec16ceaacf84
19776122545729571bad05181717e04b7c31470d3037a924a497b07095136771
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833
1e344326df212ed6eb8d06155104ba8919dd81bfeafef52a3ddd186f6af7879a
202af825bfe28ded4b94e6c1d7aca76457dc86385eb03de99fe933df7b2b56c5
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
254612bfc015f7c90eead4873544ebccc247930bdfb26b3afd7e7c81d4347496
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2b237f159651404325b27d766fb06380344fcf90ad1150e787c5e566d328edd5
2de45ef610b6c9a8d7afd2f408e625379ff3b6b73bf53d09c3850600c7447f56
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f6fa62852f4a3f11a1e8a9f2b1db2bb00471b06751e89fddf6250797935b6d2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
321f5a485fcdd4cca1621efc778daf0b941251999015fe7c26cad381a0f8001b
33963ee4b83b5c6dfe8a85b098f9d4494b85955de79ffa0e038bad24730b2d0c
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3d10295dc8a8f7eab2e6ed6db028ac94f02edff9a800aa4ce171224283f49220
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
3eec981ffd48c2613406a197ab0285deb4f88b48ad3f975461720ce061a5cd0f
4017bf9c1c74f26076eb47a406f0e72b6d923cd50613a741a11522e0264a1a87
41e1dcd4cbb2dc570ab63c68231c973f457e0c63e74bdc3c240bcb195324aacd
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
46111721e69ab666ec62df8f6c38bb407411f6da8a5439eb21dd2b2160bcfcaf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49093937bb58e61cc9ac204d6f117ac51508e1a8e8137c6ca4911dbe7fc54863
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84
4b30873f9306be94b1b4858dcc61f0dc4c1ce71c64a7c404b916016bea12b15f
4b8f2b9057459cc49ad9e57815844be1452347e6ea3c710eb90c1e048396f428
5020e220905d0e2ce4b65074c2ceb47afdb96ec557fd3d328d7cb1197ec00396
5587b3f52f5f915c15bc89416f81cf20bc1af24e92c95c872c710b3d4e024584
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
591239419a61109f75c2fb33cc207d22430ba87ce884153a580e041c20d00fc5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b148a623c3cc31ff6fb34db0280b42a375d9d1f6e00688f24c977aa5e73fe1d
5b9c05c33703327748a37ab816e055a6c4983491723ab74553fdcf5bae37649a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e6b64548a659799b21cada8e58a9fd1f53faf3208219c395c147194f7acbfe0
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fa1604030d5cb9558b680e018604c872987558fa9cfd5523c4f2b50240c72fc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952
633570f8cb96f77167e187df7ca6337911c99e7438badbbcf5abcb69be0f5e4c
64c8917d3c849cbc944ec38711313efd82355f0abcadd5d5ab86c11dd0f452db
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
690b96d2559591f91a037476ec10a31fa8c92fcccd97dd48136223cfb70e6299
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
70ca90a901133a24c9c5f2f429f5d34cc552ac20ed424d7210e27c1564965add
70df2c6bf5eccf4aea0864cbe673cabddb35af2e0928a31ae7341abae3d646eb
739091df539cfef22920be3a21e07485ff9cb98cb78860424c030b67c0c27771
76f02cfc2800bf05f671d7f8e615fca26fb06efe8c5ba704c94a83605f11a3df
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7ab56986ff9a66c35dcce1d3e2e2991e562a690e4e9d7388ea94f107cf49393f
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7cf4a9a630b1f404414192b490ebe257391be12203632b6528a48388b000794c
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
7fbdaf967f812a4d7a57617af52ece375d698ec094a4be506b02b83c9ac3e9ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850f02e9ada7fdb53185e69b9acb94a44c376e90a2b0b0bac65c00a0000e2d41
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bf11f7099b4fe3aa172603f8beda098c4bf2521841d432b01b986bbff59a227
8f6a6fda1fdc0a8a8ba1494660498fd978611bf1046409dd648cb7829716f5b5
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91e9dbff9d2cefcd09994a4b01cd2294afc42afafbb2f9140251e14e52d68f89
9234285a8a1053c4cd3482bfa064b7906b1e13d11ddb9d3fe88b3127a111e13d
92def1439873e7df4f49a513288e9c6816cbe64f86615736698c5ae99bb67d14
92efad0e503b8c3761698b954821b25efdc1766c3d2a458635c3364a268cf31f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
975bd283d69beed7a09854e0e1cb076628ca03ce96c85a2d3a16bc07bc18327c
99b17728d81082e7a6e0f8ed2f61b8bb249f1b08c8fe07e9503c18f12a8d797e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a13486e2ac94d1a7a1873b3b6aa98899e1fd389cdb1bbc311d724bd342591c47
a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
a8a773e88683c82fe09782ccdb00676c0ef9845b104b1ef288dcdea7cc5bd272
aa21058838cf29cef6b61d920b6716f96a897f4589258f7aacebcac73ce66520
ab8021c194c9424612aa8254b92718120bd40c63700bdc6bb81e6666015a81d8
aec8b3d14783541065cc999de52771d8d7711289df8f9c551860e43ebd7acf30
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fe87891ef90627523759dc0c486c8f8b49f9d787bc320b494e7cc32e20149f
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b3c3fff40df7bfb6b02a58a0485d19cacc36de6642f9dc762283cb3960cd7d72
b4efd8a47be611448c28bf806c11d8f91c5b029fa79b2e0515de90f93f836877
b5e632e1b09b2816dc8f0161e50baa361013b40e43244245a0d4714589790e7e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7b3add38bb9fd373baa4bb0af241358ddb8fae784a3b84a5167393cd8561c5
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c0135793b43a5767641dac229394d46fa89dd1fc9d0ea9717eb585c89750e97c
c1ed5fbbbb0ad6d92a600d0968caae207b1e94d62bba562b5a2d25b5d01a7ca5
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c34299966d31c0354eac70bc6fc85bedcfa88a5ec90973ce4f3cdc6c5d103bd8
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c58fdf5d233976a01b73dc8204e3ef2c2481e6d54b61709a7bc6017a67af31d2
c8821d06dfd34ed87aeddfc12c30cd9095bdbbb50e74f2a4e1fe4a6d77431287
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
cab9505497b8ef611e8350226ab8e4df93e022804638fb3de2f39da196097505
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc171a46f16266cc870e95f5c1b470f0f0bb847231354bdb20857350f016c911
cc33154ddfc0365eeff9c8297343a86ca3822fffbb43427c9dc502b60471597b
cdc849dd3dde7b6f7a8a1c2e55d274ac159a5af5779f6fe4e1cabf7d8e22bb7e
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d77512224c7baf4973c04439d4b128f488208c723daa2fb0add832ecf7534fae
d7850f6ef454c88c54716856c6d086544df9d08394005e4b6e30e09ef59b44de
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
de22251de744ea11cc272908446d053d0a9012b7356ee1ba8b7561337d0f71fb
de2f54001158d578e36c426f076c1862cae52387d89919355a0176588d76e14b
ded62b6146239bfba0a285a0257eada06855fd5e14eb73235cd465030c9cce82
def0ba870ea4112a81d270fea44a1fe31df45ad236f250e6885fe1f5959d3677
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48
df28ecf929157156d9e444395da96bba8bec6319d1e88ea7241ee861bb1e76e0
dfaad407f979d4d112c26c52cc9c2347560c8099f765759b90e323361c65dd90
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ee3aa96bb51d3e436bfdfd9ca669e6ccdea8e764c4a7f11e3084e1c7de9a7f
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e62493168262b5794ae612b072600be84f26722e10b257c0cb62d757045c9e46
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
edce6af465db75276107694a82df20117618776e23aa18436b5826de2517326d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efe258977470a021feb73787f622053e758b9416fc30426e1578ebcb2022e82e
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f22116eb2a3d113dec393ac9e20db766c16a14fe66ca8a12ffe50e6f78899dbe
f2c42b0c73e798fe17937d9ff1bac40397b58eeb1fa17ef736a2a726637c90f7
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72f07d7841b6e4cc7a3e92d841e71ce1a97098014c6066489c81337d7b4b0cb
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
f9b02d9acd1f5fdb1c1dde6732e91163ba551f4994f15387e493a2dd514da9f5
fbc7f65ca041dae8328e56172d00958d2cbc86da6495d87f41e5af649ab14658
fe09ba598dd6a139b86f923e80da2541bdeb08b39c4edec220c206254d69ace2
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2
ffe72da830df829bce216164b9feb9f2a6b2f5273dbcbe64f27d00cab07e598c

trfnews.i234.me Open in urlscan Pro 184.99.181.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

246 Requests

69 %HTTPS

47 %IPv6

50 Domains

71 Subdomains

53 IPs

8 Countries

4532 kBTransfer

11944 kBSize

44 Cookies

8 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trfnews.i234.me Open in urlscan Pro
184.99.181.52 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

69 %
HTTPS

47 %
IPv6

50
Domains

71
Subdomains

53
IPs

8
Countries

4532 kB
Transfer

11944 kB
Size

44
Cookies

246 HTTP transactions
11 data transactions