marshfieldmail.com Open in urlscan Pro
65.61.154.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.marshfieldmail.com//
Effective URL:
https://marshfieldmail.com//
Submission: On June 23 via api (June 23rd 2024, 11:23:01 pm UTC) from US — Scanned from DE

Summary HTTP 75 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 15 domains to perform 75 HTTP transactions. The main IP is 65.61.154.4, located in United States and belongs to RMH-14, US. The main domain is marshfieldmail.com.
TLS certificate: Issued by R3 on May 17th 2024. Valid for: 3 months.

This is the only time marshfieldmail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	65.61.154.4 65.61.154.4	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:d88::3926	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	172.64.147.103 172.64.147.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	162.242.142.155 162.242.142.155	33070 (RMH-14) (RMH-14)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
75	27

18 65.61.154.4 (United States) 1 redirects

ASN33070 (RMH-14, US)
PTR: fw.criticalmix.com

www.marshfieldmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marshfieldmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bandel.creativecirclemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:d88::3926 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

proxy.webwidgets.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.147.103 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

static.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.242.142.155 (United States)

ASN33070 (RMH-14, US)

marshfieldbanners.creativecirclemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3004.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

listgrowth.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	marshfieldmail.com 1 redirects www.marshfieldmail.com marshfieldmail.com images.marshfieldmail.com Failed	283 KB
10	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355 www.google-analytics.com — Cisco Umbrella Rank: 71	22 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	684 KB
6	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7510 router.infolinks.com — Cisco Umbrella Rank: 2874 rt3004.infolinks.com — Cisco Umbrella Rank: 77222	62 KB
6	creativecirclemedia.com bandel.creativecirclemedia.com — Cisco Umbrella Rank: 371889 marshfieldbanners.creativecirclemedia.com	24 KB
5	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744 www.google.com — Cisco Umbrella Rank: 5	130 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	429 KB
4	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 5714 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286	117 KB
3	ctctcdn.com static.ctctcdn.com — Cisco Umbrella Rank: 12640 listgrowth.ctctcdn.com — Cisco Umbrella Rank: 15260	58 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	176 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469 fonts.googleapis.com — Cisco Umbrella Rank: 83	40 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	90 KB
2	accuweather.com proxy.webwidgets.accuweather.com — Cisco Umbrella Rank: 273806	50 KB
2	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 486	75 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	6 KB
75	15

	Domain	Requested by
15	marshfieldmail.com	marshfieldmail.com
8	www.googletagmanager.com	marshfieldmail.com www.googletagmanager.com
6	region1.google-analytics.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	marshfieldbanners.creativecirclemedia.com	marshfieldmail.com
3	router.infolinks.com	resources.infolinks.com
3	fonts.gstatic.com	fonts.googleapis.com marshfieldmail.com
2	resources.infolinks.com	marshfieldmail.com
2	fonts.googleapis.com	marshfieldmail.com
2	bandel.creativecirclemedia.com	marshfieldmail.com bandel.creativecirclemedia.com
2	static.ctctcdn.com	marshfieldmail.com static.ctctcdn.com
2	maxcdn.bootstrapcdn.com	marshfieldmail.com maxcdn.bootstrapcdn.com
2	connect.facebook.net	marshfieldmail.com connect.facebook.net
2	securepubads.g.doubleclick.net	marshfieldmail.com securepubads.g.doubleclick.net
2	proxy.webwidgets.accuweather.com	marshfieldmail.com
2	netdna.bootstrapcdn.com	marshfieldmail.com
2	cdn.ampproject.org	marshfieldmail.com cdn.ampproject.org
1	listgrowth.ctctcdn.com	ajax.googleapis.com
1	www.gstatic.com	www.google.com
1	rt3004.infolinks.com	resources.infolinks.com
1	www.google.com	ajax.googleapis.com
1	cdnjs.cloudflare.com	ajax.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	marshfieldmail.com
1	www.marshfieldmail.com	1 redirects
0	images.marshfieldmail.com Failed	marshfieldmail.com
75	27

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
marshfield.yourquickads.com
www.mopublicnotices.com
todaysdeal.incentrev.com
www.facebook.com
twitter.com
bolivarmonews.com
buffaloreflex.com
cedarrepublican.com
ccheadliner.com
harrisondaily.com
newtoncountytimes.com
www.westplainsdailyquill.net
www.sedaliademocrat.com
www.warrensburgstarjournal.com
www.whig.com
www.hannibal.net
www.baxterbulletin.com
www.kirksvilledailyexpress.com
www.thebignickel.com
nemotrader.net
creativecirclemedia.com

Subject Issuer	Validity	Valid
marshfieldmail.com R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.webwidgets.accuweather.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-21` - `2024-08-20`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-02` - `2024-07-01`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
static.ctctcdn.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
creativecirclemedia.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
infolinks.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
listgrowth.ctctcdn.com Amazon RSA 2048 M02	`2024-04-01` - `2025-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://marshfieldmail.com//
Frame ID: 678C6462D6D28E53CDDAB3A4DD7C19F0
Requests: 74 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3338577&wsid=0&pdom=marshfieldmail.com&purl=https%3A%2F%2Fmarshfieldmail.com%2F%2F
Frame ID: 35510EC57BA3D5F966937EAC3EB9330C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marshfield Mail

Page URL History Show full URLs

http://www.marshfieldmail.com// HTTP 307
https://www.marshfieldmail.com// HTTP 301
https://marshfieldmail.com// Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

75
Requests

99 %
HTTPS

46 %
IPv6

15
Domains

27
Subdomains

27
IPs

4
Countries

2246 kB
Transfer

6753 kB
Size

12
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/obituaries/marshfieldmail/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://marshfield.yourquickads.com/
Title: Place an ad

Search URL Search Domain Scan URL

URL: https://www.mopublicnotices.com/
Title: Statewide legal notices

Search URL Search Domain Scan URL

URL: https://todaysdeal.incentrev.com/marshfield/deals
Title: Today's Deal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MarshfieldMail/

Search URL Search Domain Scan URL

URL: https://twitter.com/mfieldmail

Search URL Search Domain Scan URL

URL: http://bolivarmonews.com/
Title: Bolivar Herald-Free Press

Search URL Search Domain Scan URL

URL: http://buffaloreflex.com/
Title: Buffalo Reflex

Search URL Search Domain Scan URL

URL: http://cedarrepublican.com/
Title: Cedar County Republican

Search URL Search Domain Scan URL

URL: http://ccheadliner.com/
Title: Christian County Headliner News

Search URL Search Domain Scan URL

URL: https://harrisondaily.com/
Title: Harrison Daily Times

Search URL Search Domain Scan URL

URL: http://newtoncountytimes.com/
Title: Newton County Times

Search URL Search Domain Scan URL

URL: http://www.westplainsdailyquill.net/
Title: West Plains Daily Quill

Search URL Search Domain Scan URL

URL: http://www.sedaliademocrat.com/
Title: Sedalia Democrat

Search URL Search Domain Scan URL

URL: https://www.warrensburgstarjournal.com/
Title: Star-Journal

Search URL Search Domain Scan URL

URL: https://www.whig.com/
Title: Herald-Whig

Search URL Search Domain Scan URL

URL: https://www.hannibal.net/
Title: Hannibal Courier Post

Search URL Search Domain Scan URL

URL: https://www.baxterbulletin.com/
Title: The Baxter Bulletin

Search URL Search Domain Scan URL

URL: https://www.kirksvilledailyexpress.com/
Title: Kirksville Daily Express

Search URL Search Domain Scan URL

URL: https://www.thebignickel.com/
Title: Big Nickel

Search URL Search Domain Scan URL

URL: https://nemotrader.net/
Title: NEMO Trader

Search URL Search Domain Scan URL

URL: http://creativecirclemedia.com/
Title: Powered by Creative Circle Media Solutions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.marshfieldmail.com// HTTP 307
https://www.marshfieldmail.com// HTTP 301
https://marshfieldmail.com// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request / Show response
marshfieldmail.com//
Redirect Chain

http://www.marshfieldmail.com//
https://www.marshfieldmail.com//
https://marshfieldmail.com//

50 KB
50 KB

638ms
186ms

Document
text/html

65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: fb760882d569ffb802244da01c174b3d6b96a9468554c9347f29097be76aa64b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Age: 0
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 23 Jun 2024 23:22:54 GMT
Expires: Sun, 23 Jun 2024 23:32:54 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: Communityq/3.0

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 23 Jun 2024 23:22:54 GMT
Server: Varnish
X-Varnish: 184458333
location: https://marshfieldmail.com//

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 212ms
54ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfe919b7a91a4e6139549439e7bb05fbd5fcac3003dd0a66b06122e9649a942b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 23:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73110
x-xss-protection: 0
server: sffe
etag: "4b352ddb18ca8962"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 23 Jun 2024 23:22:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 151ms
46ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 14:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 14:05:07 GMT

GET
H/1.1 200
OK site.js Show response
marshfieldmail.com/js/ 406 B
763 B 439ms
148ms Script
application/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/js/site.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 0602c111401ccf28eeb1c3d1e95eb5472f29da9d27962ea90c6634f47d2e200d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Tue, 23 Mar 2021 16:58:08 GMT
Age: 5495
ETag: "196-5be3716383dec-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 202
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK jquery.event.move.js Show response
marshfieldmail.com/js/ 14 KB
5 KB 438ms
147ms Script
application/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/js/jquery.event.move.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: e3d4de6e3610e09163eb3121a533fc4ad904d2e3a0b8a81fde2f656b31c7c8a8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:08 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Tue, 23 Mar 2021 16:58:08 GMT
Age: 5506
ETag: "38c2-5be3716383dec-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 4366
Expires: Sun, 23 Jun 2024 23:21:08 GMT

GET
H/1.1 200
OK jquery.twentytwenty.js Show response
marshfieldmail.com/js/ 5 KB
2 KB 440ms
148ms Script
application/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/js/jquery.twentytwenty.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 01b22415322727c6981c4a0ad32479e9f05fea40cee1d386b4b823224d8c527c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Tue, 23 Mar 2021 16:58:08 GMT
Age: 5495
ETag: "13d7-5be3716383dec-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 1343
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK twentytwenty.css
marshfieldmail.com/css/ 6 KB
2 KB 286ms
146ms Stylesheet
text/css 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/css/twentytwenty.css
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: f0e0bc0ca5734e265fc905c710869862a2f3b5743b487c5128277d923fe7936f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Tue, 23 Mar 2021 16:58:08 GMT
Age: 5495
ETag: "19bf-5be3716381eac-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 1078
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H3 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.1.1/css/ 98 KB
21 KB 92ms
47ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1454557
cdn-cachedat: 08/25/2022 04:46:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"8a7442ca6bedd62cec4881040b9a9e83"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dfa42f7d8fed91579a7ade936ecae16d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8988390dea12c06a-WAW
cdn-requestpullsuccess: True

GET
H2 200 sm_sticker.css
proxy.webwidgets.accuweather.com/css/ 18 KB
5 KB 212ms
93ms Stylesheet
text/css 2a02:26f0:480:d88::3926
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.webwidgets.accuweather.com/css/sm_sticker.css
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d88::3926 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Kestrel /
Resource Hash: 622709f827a3e56615f826bb360aab5c62d42c689a121e05127832ce7f820c7c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:367c9844-1596-4b91-b82c-27d28c925650
date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 19:56:48 GMT
server: Kestrel
etag: "1d763b2e81948fa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=67548
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 4861
expires: Mon, 24 Jun 2024 18:08:43 GMT

GET
H/1.1 200
OK cq_base_beta.css
marshfieldmail.com/css_system/ 9 KB
3 KB 433ms
146ms Stylesheet
text/css 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/css_system/cq_base_beta.css
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 0b672276168fd8b413d0991141e365c6419caf9f82fd8b2b7baabaa2397824e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Thu, 28 Mar 2024 15:03:57 GMT
Age: 5495
ETag: "24c0-614b9d51f2868-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 2286
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK style.css
marshfieldmail.com/css/ 87 KB
16 KB 584ms
294ms Stylesheet
text/css 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/css/style.css
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 756076f53f1d071c8e13bb083a57277ce72f947f08b154bd75cad379b0bd54ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Mon, 03 Jun 2024 18:57:35 GMT
Age: 5495
ETag: "15d1e-61a00e806e8a3-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 15353
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 153ms
61ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

aa5206485d6d09f1339c5697252812d932be2658fa95d833cda8c6bf74fdcbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31942
x-xss-protection: 0
server: cafe
etag: 819 / 19897 / m202406170101 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Jun 2024 23:22:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 93ms
29ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d212f65d1757a3e8a2d98620fce1ec2fdf952ac9fab78d8dbb932e9ba7d2d2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 23:22:55 GMT
content-md5: YIAjeMeUeQiTO8pgmajA8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1368, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: H8WoKuXoKM3GJbxa8k2WOrXbED1oqCk9ZQtGVetdnpHtVqoB1/k6j3Pra4T64x9PmzAM4Vs61l5AiinJsX6s4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 29ffeee4518a82b54944e6a1207fe1fb
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "5577cbf40db1ccb93d8d6b1371af1118"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 23 Jun 2024 23:36:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
94 KB 165ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee8598ce680616b75a8e5db44afdc105715e30e2f67c95ae9fd96f7e27428ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95892
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 23:22:55 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 89ms
45ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1706444
cdn-cachedat: 11/30/2023 17:43:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ab8626e4b724b111058794b60ba8757c
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8988390dea15c06a-WAW
cdn-requestpullsuccess: True

GET
H/1.1 200
OK rvb.css
marshfieldmail.com/css/ 4 KB
1 KB 439ms
150ms Stylesheet
text/css 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/css/rvb.css?cb=1719184974
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 66c8119e1d23fab0127e4df74f00e36971d7b3106aa79eb4c7c18be07207792c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 23:22:55 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Thu, 02 Sep 2021 13:11:52 GMT
Age: 0
ETag: "f56-5cb02ed24e24b-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 942
Expires: Mon, 24 Jun 2024 00:52:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 177ms
76ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2E8MRKYY2F

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff030fcdd1073457c10575668411dface12ce9149c7cab3f07ba2cf26f342c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 23:22:55 GMT

GET
H/1.1 200
OK rvb.js Show response
marshfieldmail.com/js/ 3 KB
1 KB 580ms
147ms Script
application/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/js/rvb.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: b5bc7d23762b4c9b109474db687e664cda5658b209ca97f0a8065a28465f5876

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Thu, 02 Sep 2021 13:11:52 GMT
Age: 5495
ETag: "c6b-5cb02ed24f1eb-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 934
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK marshfield-nameplate.jpg
marshfieldmail.com/images/ 54 KB
55 KB 291ms
290ms Image
image/jpeg 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshfieldmail.com/images/marshfield-nameplate.jpg
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 96a82b0624566088c2c7f8e2f2b411a19b106a1559804ea00c1fd01e868e0dd2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:50:56 GMT
Via: Communityq/3.0
Last-Modified: Tue, 23 Mar 2021 16:58:08 GMT
Age: 5519
ETag: "d88e-5be3716382e4c"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 55438
Expires: Sun, 23 Jun 2024 23:20:56 GMT

GET current.gif
images.marshfieldmail.com/forecast/ 0
0

GET
H/1.1 200
OK MM-Logo.png
marshfieldmail.com/images/ 138 KB
138 KB 295ms
293ms Image
image/png 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshfieldmail.com/images/MM-Logo.png
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 06edcbf3073ebb937422706a90097260f2c60380b9e159b0180d50c64764586f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 23:15:44 GMT
Via: Communityq/3.0
Last-Modified: Tue, 23 Mar 2021 16:58:08 GMT
Age: 430
ETag: "226dc-5be3716382e4c"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 141020
Expires: Mon, 24 Jun 2024 00:45:44 GMT

GET
H2 200 signup-form-widget.min.js Show response
static.ctctcdn.com/js/signup-form-widget/current/ 972 KB
53 KB 113ms
36ms Script
application/javascript 172.64.147.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.103 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
server: cloudflare
age: 847241
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 898839131cd358d8-TXL
content-length: 54153
expires: Sat, 14 Jun 2025 03:47:10 GMT

GET
H3 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 55ms
53ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1068
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1071023
cdn-cachedat: 03/18/2024 12:14:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 77ab1d360e15b9df4cfa4500efe97a3b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 898839124de3c06a-WAW
cdn-requestpullsuccess: True

GET
H/1.1 200
OK cookies-disabled-warning.js Show response
marshfieldmail.com/js_system/misc/ 1 KB
1 KB 148ms
146ms Script
application/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/js_system/misc/cookies-disabled-warning.js?vs=20240619
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 75528a834feda2a2e7da5857c07773ed4781367aa533ff98b6ee94e0aff9460a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Mon, 09 Jan 2023 15:49:00 GMT
Age: 5495
ETag: "4da-5f1d6b4ba16ab-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 610
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK banners.css
marshfieldmail.com/css_system/ 10 KB
2 KB 149ms
146ms Stylesheet
text/css 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/css_system/banners.css?vs=20240619
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 91a9167acbca85eaebc908e9fb71fb7133acb76e8b705878ce840b35305df208

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Tue, 12 Mar 2024 16:12:54 GMT
Age: 5495
ETag: "272c-61378ee3decc6-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 1488
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK / Show response
bandel.creativecirclemedia.com/ 19 KB
19 KB 769ms
306ms Script
text/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://bandel.creativecirclemedia.com/?client_id=marshfield&vs=20240619
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 2e682308a3b116c799659fcc1e5b2023e6613a7320d12894efeb1b59eb2b5bc6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 23:22:56 GMT
Via: Communityq/3.0
Age: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK rvb.js Show response
marshfieldmail.com/js_system/ 5 KB
2 KB 150ms
148ms Script
application/javascript 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/js_system/rvb.js?vs=20240619
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 07155e8e833e45880c20692b43919ffa5968214b91c489507415f96e82327399

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com//
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Thu, 18 Jan 2024 13:55:00 GMT
Age: 5495
ETag: "153b-60f38b5a9ae8e-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 1402
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H/1.1 200
OK cq_base.css
marshfieldmail.com/css_system/ 27 KB
5 KB 147ms
146ms Stylesheet
text/css 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldmail.com/css_system/cq_base.css
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com/css_system/cq_base_beta.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: ddbfd2781069202d5cd817eec8fb2390a14f9b101637203331033f66632b062e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/css_system/cq_base_beta.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 23 Jun 2024 21:51:20 GMT
Content-Encoding: gzip
Via: Communityq/3.0
Last-Modified: Mon, 09 Jan 2023 15:49:00 GMT
Age: 5495
ETag: "6dd0-5f1d6b4b97a6b-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 4444
Expires: Sun, 23 Jun 2024 23:21:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
927 B 156ms
56ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@500;600;700&display=swap

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f248486c4b6c126100b7b00b6bf84ff83b8a1689621f4b77d02bdd4ec8fd0c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jun 2024 23:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 23:22:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jun 2024 23:22:55 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406071948000/v0/ 8 KB
3 KB 139ms
47ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406071948000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

81c62c86ae6312a2d659fbb98d2c1f96df9f17750c243d3a7187c81d06b3943e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jun 2024 18:02:53 GMT
age: 451202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2977
x-xss-protection: 0
server: sffe
etag: "a476e4d9b6073913"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Jun 2025 18:02:53 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 146ms
46ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:52:28 GMT
x-content-type-options: nosniff
age: 462627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:52:28 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 90ms
67ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 73cb2975d6531a731e0ac438dcb10540
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 898839127ee64510-TXL
cdn-requestpullsuccess: True

GET
H/1.1 200
OK ajs.php Show response
marshfieldbanners.creativecirclemedia.com/www/delivery/ 1 KB
2 KB 520ms
157ms Script
text/javascript 162.242.142.155
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=19&block=1&blockcampaign=1&cb=56100726844&charset=UTF-8&loc=https%3A//marshfieldmail.com//
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.242.142.155 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 463eb6429bf67f00b8b3e70cc20be9f6d88fe8bf4de18457079c13dee71ac624

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 23:22:56 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1323
Expires: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 31ms
30ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=31ab767f900f836416b5f5bcfbc0ddee

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abd307d6d55f5d8c4923635a4648da4390e85c78dbf20358672a82ad01f7d657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 23:22:55 GMT
content-md5: qNkjm/RXa4bofamJ4IPRwA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87597
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=20, mss=1368, tbw=6593, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: ZaqxvRj5qjXdCQM1M7pb6CGHl04xGeIzeYGohc+ryCwMUVsSsGFLFH2CuB4GrG0VAPt20lBv8lWI85xRYj1IQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6187ed4c62fb35caf52e81d9f91508a8
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d5b4e37479007c2fafdeee727285f970"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 23 Jun 2025 22:28:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 45ms
45ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 03:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69872
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Jun 2025 03:58:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 97ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YX9ZNSCVQ5&gtm=45je46j0v886835795za200&_p=1719184975717&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198083785.1719184976&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719184976&sct=1&seg=0&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&dt=Marshfield%20Mail&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2484&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168829801-31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4779c325bf7ccd86c53d988a464ba0dc90ff654ffe0b72895ff5a27c2cb46bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76700
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2E8MRKYY2F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b168f080079072de743e2c8d71004b951593ca38eb7131e23843d8137026c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S17TWQY0G4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

389b825331c8b0342e4b8d6c4283b0f0be1d670bead456b93d8cb6ff8ed57d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100762
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 89ms
89ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168829801-25&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98bd23d361702b8e408ae850c9f316c3496c26168a06acc9cd784bcbb9841ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76730
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 94ms
94ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-59805019-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13adf11b5d76b7ba17307aa375f6f215ef33560cf4780f2b415afd21d0e951a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 21843165966 Show response
fundingchoicesmessages.google.com/i/ 197 KB
66 KB 186ms
74ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21843165966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

436c2c7908df6a18f3f11c704a7d35582ba5b90d7b9553919f49c20a61fec11f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Oqs46QuHiS0MaRaCr5tu-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Oqs46QuHiS0MaRaCr5tu-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII1JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lAvHji6yngFiIm-PCnUeb2QQ2tDxNV9JIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDO01DMwjS8wAADUojoB"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 52ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2E8MRKYY2F&gtm=45je46j0v9114794746za200zb886835795&_p=1719184975717&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198083785.1719184976&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1719184976&sct=1&seg=0&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&dt=Marshfield%20Mail&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2529&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2E8MRKYY2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 60ms
60ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-77WK6NTWQP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168829801-31&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fe4e8b19d29193fc9cee1139d3c8d2a25852d57f7b4c970f37bec52cc6098f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 144ms
45ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168829801-31&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 22:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 24 Jun 2024 00:29:07 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S17TWQY0G4&gtm=45je46j0v899249055za200zb886835795&_p=1719184975717&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198083785.1719184976&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719184976&sct=1&seg=0&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&dt=Marshfield%20Mail&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2656&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S17TWQY0G4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
3 KB 142ms
50ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8545f6f49b5d7254495bd38fa37d0c39aa89fe54ccf14b6f09ce542de0733d3f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 12:32:28 GMT
server: cloudflare
age: 2573
etag: W/"10f0-61b294660f05b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 898839162997bf36-WAW
expires: Sun, 23 Jun 2024 23:40:03 GMT

GET
H/1.1 200
OK lg.php
marshfieldbanners.creativecirclemedia.com/www/delivery/ 43 B
519 B 157ms
157ms Image
image/gif 162.242.142.155
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshfieldbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=50&campaignid=48&zoneid=19&loc=https%3A%2F%2Fmarshfieldmail.com%2F%2F&cb=b416f41e91
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.242.142.155 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 23:22:56 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK ajs.php Show response
marshfieldbanners.creativecirclemedia.com/www/delivery/ 536 B
1 KB 310ms
153ms Script
text/javascript 162.242.142.155
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://marshfieldbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=21&block=1&blockcampaign=1&cb=74130657776&exclude=,bannerid:50,campaignid:48,&charset=UTF-8&loc=https%3A//marshfieldmail.com//&context=Yjo1MCNjOjQ4fA%3D%3D
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.242.142.155 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d8bcf04838059b9a10bb8950e79080445a39e0b99d66af6cea4ec4f6419bfe6a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 23:22:56 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 536
Expires: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-77WK6NTWQP&gtm=45je46j0v9124220963za200&_p=1719184975717&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198083785.1719184976&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719184976&sct=1&seg=0&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&dt=Marshfield%20Mail&en=page_view&_fv=1&_ss=1&tfd=2744&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77WK6NTWQP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 52ms
52ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1150959862&t=pageview&_s=1&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&ul=de-de&de=UTF-8&dt=Marshfield%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1022012540&gjid=1308306538&cid=1198083785.1719184976&tid=UA-168829801-31&_gid=1311960486.1719184976&_r=1&gtm=457e46j0za200zb886835795&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=908758048

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 53ms
53ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1150959862&t=pageview&_s=1&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&ul=de-de&de=UTF-8&dt=Marshfield%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=308678081&gjid=542283871&cid=1198083785.1719184976&tid=UA-168829801-25&_gid=1311960486.1719184976&_r=1&gtm=457e46j0za200zb886835795&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1790179412

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 53ms
53ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1150959862&t=pageview&_s=1&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&ul=de-de&de=UTF-8&dt=Marshfield%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=628458295&gjid=834453593&cid=1198083785.1719184976&tid=UA-59805019-6&_gid=1311960486.1719184976&_r=1&gtm=457e46j0za200zb886835795&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1670916195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUEHrgM0KU5oMB72-BPnJWJfGrhP2MZiNZD9ieJMKxg3S74e3-Jjq7L_hLvOanDm8dCvb_OI0usJaz5FNsNbv4ei1tAHsScOsB_bov9ZCb0CHFWiujoLkk6QYvXmGUk0oErIHlc_Q== Show response
fundingchoicesmessages.google.com/f/ 415 KB
63 KB 139ms
139ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUEHrgM0KU5oMB72-BPnJWJfGrhP2MZiNZD9ieJMKxg3S74e3-Jjq7L_hLvOanDm8dCvb_OI0usJaz5FNsNbv4ei1tAHsScOsB_bov9ZCb0CHFWiujoLkk6QYvXmGUk0oErIHlc_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MTg0OTc2LDM2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tYXJzaGZpZWxkbWFpbC5jb20vLyIsbnVsbCxbWzgsInJxcmtPcUxKT1F3Il0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMw1SQPJiiWeO_cIkHjTM_KbQ70rlQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25eec108c7598adbf47ec5d50566c7f264526805a06e19281ceee2227c7776ac

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YIjMXLlelpy4NKsiynX8zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YIjMXLlelpy4NKsiynX8zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0pBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIBbi4bhw59FmNoEJH5beYVTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAztNQzMI0vMAAAwqg_kw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1936.002-3.034/ 189 KB
58 KB 58ms
58ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d5b4430af3a2762bd52b10babc5e255f43bfd695f2dceb6afa37553be8c08f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 11:44:14 GMT
server: cloudflare
age: 2405
etag: W/"2f3cd-61a0ef81564c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8988391689fabf36-WAW
expires: Tue, 23 Jul 2024 22:42:51 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 103ms
34ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59805019-6&cid=1198083785.1719184976&jid=628458295&gjid=834453593&_gid=1311960486.1719184976&npa=1&_u=YADAAUABAAAAACAAI~&z=582568301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 23 Jun 2024 23:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 manage
router.infolinks.com/usync/ Frame 3551 0
0 196ms
149ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3338577&wsid=0&pdom=marshfieldmail.com&purl=https%3A%2F%2Fmarshfieldmail.com%2F%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://marshfieldmail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 898839174b2d450a-TXL
content-length: 0
date: Sun, 23 Jun 2024 23:22:56 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
43 B 169ms
160ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3338577&wsid=0&pdom=marshfieldmail.com&purl=https%3A%2F%2Fmarshfieldmail.com%2F%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 898839171a56bf36-WAW
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 313 B
483 B 169ms
161ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3338577&pdom=marshfieldmail.com&purl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&jsv=1936.002-3.034&_cb=17191849764750
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188fa921ead5147591834c7279257da6f69c25655d3a80f004ebfd1840451fcf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 898839171a58bf36-WAW
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 60ms
60ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rqrkOqLJOQw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwcEmua66vAPOKRuHEyEQgw1Mc-DQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 23:22:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Jun 2024 23:22:56 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options: nosniff
age: 462553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:53:43 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 65ms
65ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: marshfieldmail.com
URL: https://marshfieldmail.com//

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:42:02 GMT
x-content-type-options: nosniff
age: 463254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:42:02 GMT

POST
H3 204 AGSKWxUkckI8_trZ6c3PXeZcaX9FICj3Qqh4CZt9bpYwuyAWsqZVlbA_4W1-SxoQN-bFJJfducVa35mYR-JGz2IjY-OVwqfq7rQ4f6kOZFE4jJiyCjOPAgNLmJS3NnLQho0hh8LVXsfjDA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 151ms
57ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkckI8_trZ6c3PXeZcaX9FICj3Qqh4CZt9bpYwuyAWsqZVlbA_4W1-SxoQN-bFJJfducVa35mYR-JGz2IjY-OVwqfq7rQ4f6kOZFE4jJiyCjOPAgNLmJS3NnLQho0hh8LVXsfjDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D_dGThFMtY3dI8vYJbGwAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-D_dGThFMtY3dI8vYJbGwAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3HhzqPNbAIbmh8cZ1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhpZ6BubxBQYAdQwsQQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUkckI8_trZ6c3PXeZcaX9FICj3Qqh4CZt9bpYwuyAWsqZVlbA_4W1-SxoQN-bFJJfducVa35mYR-JGz2IjY-OVwqfq7rQ4f6kOZFE4jJiyCjOPAgNLmJS3NnLQho0hh8LVXsfjDA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Az0YbM8uF9BIPHnzrJD_LQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-Az0YbM8uF9BIPHnzrJD_LQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3HhzqPNbAIdp3-cZlJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhpZ6BubxBQYAiZwshQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lg.php
marshfieldbanners.creativecirclemedia.com/www/delivery/ 43 B
519 B 158ms
157ms Image
image/gif 162.242.142.155
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marshfieldbanners.creativecirclemedia.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=21&loc=https%3A%2F%2Fmarshfieldmail.com%2F%2F&cb=e57f043f00
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.242.142.155 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 23:22:56 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 43
Expires: 0

GET
H2 200 sm_sticker.js Show response
proxy.webwidgets.accuweather.com/js/ 137 KB
45 KB 71ms
71ms Script
application/javascript 2a02:26f0:480:d88::3926
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.webwidgets.accuweather.com/js/sm_sticker.js
Requested by: Host: marshfieldmail.com
URL: https://marshfieldmail.com//
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d88::3926 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Kestrel /
Resource Hash: 24769de98f3617a1afce061c1714ebeb8bab55a8131063c9138e44a08b4cb17b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:367c9844-1596-4b91-b82c-27d28c925650
date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 19:56:48 GMT
server: Kestrel
etag: "1d763b2e81b2273"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=52731
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 45923
expires: Mon, 24 Jun 2024 14:01:47 GMT

GET
H3 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 65ms
35ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 266397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5303
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p95iOFMdDp9WWigH29o%2B%2ByuaUC3jotNhdYWZlLNP43gurqzj4iTvzFLYubab9%2BJTHo0kHxBSJ3xmR4PPxmsBFcpdw9lwXscdJBuat8rNORBa9X%2Bwwdj8SPiWpPdfWXsWMGDEUb4q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89883917d9d28f55-CPH
expires: Fri, 13 Jun 2025 23:22:56 GMT

GET
H/1.1 200
OK / Show response
bandel.creativecirclemedia.com/creatives/ 24 B
593 B 597ms
160ms XHR
application/json 65.61.154.4
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://bandel.creativecirclemedia.com/creatives/?client_id=marshfield&placement_ids=1
Requested by: Host: bandel.creativecirclemedia.com
URL: https://bandel.creativecirclemedia.com/?client_id=marshfield&vs=20240619
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 65.61.154.4 , United States, ASN33070 (RMH-14, US),
Reverse DNS: fw.criticalmix.com
Software: /
Resource Hash: 6aa98d6367675f1064a5c53e9c81ebe2362755f9522ee5c1d04fffdf8e92d0de

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 23:22:57 GMT
Via: Communityq/3.0
Age: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
Content-Length: 24
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 147ms
54ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

00814048f9ed5e4fbaf83c4ec17754b7a60e40cf6ba5299798f619462fad9a2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 23 Jun 2024 23:22:56 GMT

POST
H2 200 doq.htm Show response
rt3004.infolinks.com/action/ 0
249 B 340ms
244ms XHR
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3004.infolinks.com/action/doq.htm?pcode=utf-8&r=17191849766511
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1936.002-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:22:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 89883918bf69bf28-WAW
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 518 KB
207 KB 152ms
47ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Origin: https://marshfieldmail.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 13:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210814
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Jun 2025 13:32:13 GMT

GET
H2 200 signup-form-widget.css
static.ctctcdn.com/js/signup-form-widget/current/ 36 KB
3 KB 41ms
40ms Stylesheet
text/css 172.64.147.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.css
Requested by: Host: static.ctctcdn.com
URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.103 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:22:57 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
server: cloudflare
age: 234
cf-polished: origSize=51270
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900, public
x-robots-tag: noindex
cf-ray: 8988391b096d58d8-TXL
expires: Mon, 23 Jun 2025 23:13:47 GMT

GET
H2 200 d9796332b5361ffd1f685260da86763f.json Show response
listgrowth.ctctcdn.com/v1/ 2 KB
2 KB 515ms
437ms XHR
application/json 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listgrowth.ctctcdn.com/v1/d9796332b5361ffd1f685260da86763f.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf9cae9ce8433b0be356a958cc36e8dc1fcfc084260d3005dc91e9f1e1c5dc9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pboX9DyIWLAMQ6vefMz_U._JEMFzmUuH
content-encoding: gzip
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
date: Sun, 23 Jun 2024 23:22:58 GMT
x-amz-request-id: 1CASBTYAQ2CD04JV
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: JsA4oaWsj+Vfv8nf+4Q8h7mKcOtklggibSCX3JGpi4D0bjP+Pkqgh74pUl2/rDUAQQomijKN0f4=
recaptcha-key: 6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
last-modified: Fri, 08 Dec 2023 17:58:06 GMT
server: AmazonS3
etag: W/"3e321cba8b51f8d3cb4eaf5b646a16a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: recaptcha-key
cache-control: max-age=5
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: iVn8qybuH5MmFBElKE86iNASplRE7VVLBJYsbgyBxhXtxUH62nXt1Q==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YX9ZNSCVQ5&gtm=45je46j0v886835795za200&_p=1719184975717&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198083785.1719184976&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719184976&sct=1&seg=0&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&dt=Marshfield%20Mail&en=scroll&epn.percent_scrolled=90&_et=26&tfd=7511&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX9ZNSCVQ5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:23:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S17TWQY0G4&gtm=45je46j0v899249055za200zb886835795&_p=1719184975717&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1198083785.1719184976&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719184976&sct=1&seg=0&dl=https%3A%2F%2Fmarshfieldmail.com%2F%2F&dt=Marshfield%20Mail&en=scroll&epn.percent_scrolled=90&_et=3&tfd=7660&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S17TWQY0G4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://marshfieldmail.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 23 Jun 2024 23:23:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marshfieldmail.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: images.marshfieldmail.com
URL: https://images.marshfieldmail.com/forecast/current.gif

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.marshfieldmail.com/	1970-01-21 07:09:04	Name: _ga_YX9ZNSCVQ5 Value: GS1.1.1719184976.1.0.1719184976.0.0.0
.marshfieldmail.com/	1970-01-21 07:09:04	Name: _ga_2E8MRKYY2F Value: GS1.1.1719184976.1.0.1719184976.0.0.0
.marshfieldmail.com/	1970-01-21 07:09:04	Name: _ga_S17TWQY0G4 Value: GS1.1.1719184976.1.0.1719184976.0.0.0
marshfieldbanners.creativecirclemedia.com/	1970-01-21 06:18:40	Name: OAID Value: 01000111010001000101000001010010
.marshfieldmail.com/	1970-01-21 07:09:04	Name: _ga_77WK6NTWQP Value: GS1.1.1719184976.1.0.1719184976.0.0.0
.marshfieldmail.com/	1970-01-21 07:09:04	Name: _ga Value: GA1.2.1198083785.1719184976
.marshfieldmail.com/	1970-01-20 21:34:31	Name: _gid Value: GA1.2.1311960486.1719184976
.marshfieldmail.com/	1970-01-20 21:33:05	Name: _gat_gtag_UA_168829801_31 Value: 1
.marshfieldmail.com/	1970-01-20 21:33:05	Name: _gat_gtag_UA_168829801_25 Value: 1
.marshfieldmail.com/	1970-01-20 21:33:05	Name: _gat_gtag_UA_59805019_6 Value: 1
marshfieldmail.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 1704b346-5141-4e3a-993a-cca1c38cd65c
.infolinks.com/	1970-01-21 07:09:04	Name: cuid Value: 9e0f5745-4201-401d-9c83-7f3ca7719d0d

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://marshfieldmail.com// Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://marshfieldmail.com//(Line 698) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://marshfieldbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=19&block=1&blockcampaign=1&cb=56100726844&charset=UTF-8&loc=https%3A//marshfieldmail.com//, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://marshfieldmail.com//(Line 913) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://marshfieldbanners.creativecirclemedia.com/www/delivery/ajs.php?zoneid=21&block=1&blockcampaign=1&cb=74130657776&exclude=,bannerid:50,campaignid:48,&charset=UTF-8&loc=https%3A//marshfieldmail.com//&context=Yjo1MCNjOjQ4fA%3D%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bandel.creativecirclemedia.com
cdn.ampproject.org
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
images.marshfieldmail.com
listgrowth.ctctcdn.com
marshfieldbanners.creativecirclemedia.com
marshfieldmail.com
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
proxy.webwidgets.accuweather.com
region1.google-analytics.com
resources.infolinks.com
router.infolinks.com
rt3004.infolinks.com
securepubads.g.doubleclick.net
static.ctctcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.marshfieldmail.com
images.marshfieldmail.com
104.17.25.14
104.18.11.207
142.250.185.200
142.250.185.78
142.250.186.68
143.204.98.65
162.242.142.155
172.217.18.2
172.64.147.103
172.66.41.9
172.66.42.247
2001:4860:4802:34::36
216.239.32.36
216.58.206.33
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9c
2a02:26f0:480:d88::3926
2a03:2880:f084:105:face:b00c:0:3
65.61.154.4
00814048f9ed5e4fbaf83c4ec17754b7a60e40cf6ba5299798f619462fad9a2a
01b22415322727c6981c4a0ad32479e9f05fea40cee1d386b4b823224d8c527c
04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3
0602c111401ccf28eeb1c3d1e95eb5472f29da9d27962ea90c6634f47d2e200d
06edcbf3073ebb937422706a90097260f2c60380b9e159b0180d50c64764586f
07155e8e833e45880c20692b43919ffa5968214b91c489507415f96e82327399
0b672276168fd8b413d0991141e365c6419caf9f82fd8b2b7baabaa2397824e6
13adf11b5d76b7ba17307aa375f6f215ef33560cf4780f2b415afd21d0e951a5
188fa921ead5147591834c7279257da6f69c25655d3a80f004ebfd1840451fcf
24769de98f3617a1afce061c1714ebeb8bab55a8131063c9138e44a08b4cb17b
25eec108c7598adbf47ec5d50566c7f264526805a06e19281ceee2227c7776ac
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e682308a3b116c799659fcc1e5b2023e6613a7320d12894efeb1b59eb2b5bc6
389b825331c8b0342e4b8d6c4283b0f0be1d670bead456b93d8cb6ff8ed57d0e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
436c2c7908df6a18f3f11c704a7d35582ba5b90d7b9553919f49c20a61fec11f
463eb6429bf67f00b8b3e70cc20be9f6d88fe8bf4de18457079c13dee71ac624
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
622709f827a3e56615f826bb360aab5c62d42c689a121e05127832ce7f820c7c
66c8119e1d23fab0127e4df74f00e36971d7b3106aa79eb4c7c18be07207792c
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6aa98d6367675f1064a5c53e9c81ebe2362755f9522ee5c1d04fffdf8e92d0de
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
75528a834feda2a2e7da5857c07773ed4781367aa533ff98b6ee94e0aff9460a
756076f53f1d071c8e13bb083a57277ce72f947f08b154bd75cad379b0bd54ce
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81c62c86ae6312a2d659fbb98d2c1f96df9f17750c243d3a7187c81d06b3943e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8545f6f49b5d7254495bd38fa37d0c39aa89fe54ccf14b6f09ce542de0733d3f
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8b168f080079072de743e2c8d71004b951593ca38eb7131e23843d8137026c48
91a9167acbca85eaebc908e9fb71fb7133acb76e8b705878ce840b35305df208
96a82b0624566088c2c7f8e2f2b411a19b106a1559804ea00c1fd01e868e0dd2
98bd23d361702b8e408ae850c9f316c3496c26168a06acc9cd784bcbb9841ee1
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
aa5206485d6d09f1339c5697252812d932be2658fa95d833cda8c6bf74fdcbfb
abd307d6d55f5d8c4923635a4648da4390e85c78dbf20358672a82ad01f7d657
b1d5b4430af3a2762bd52b10babc5e255f43bfd695f2dceb6afa37553be8c08f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b4779c325bf7ccd86c53d988a464ba0dc90ff654ffe0b72895ff5a27c2cb46bb
b5bc7d23762b4c9b109474db687e664cda5658b209ca97f0a8065a28465f5876
bf9cae9ce8433b0be356a958cc36e8dc1fcfc084260d3005dc91e9f1e1c5dc9a
bfe919b7a91a4e6139549439e7bb05fbd5fcac3003dd0a66b06122e9649a942b
cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782
d212f65d1757a3e8a2d98620fce1ec2fdf952ac9fab78d8dbb932e9ba7d2d2ef
d8bcf04838059b9a10bb8950e79080445a39e0b99d66af6cea4ec4f6419bfe6a
ddbfd2781069202d5cd817eec8fb2390a14f9b101637203331033f66632b062e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d4de6e3610e09163eb3121a533fc4ad904d2e3a0b8a81fde2f656b31c7c8a8
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
ee8598ce680616b75a8e5db44afdc105715e30e2f67c95ae9fd96f7e27428ace
f0e0bc0ca5734e265fc905c710869862a2f3b5743b487c5128277d923fe7936f
f248486c4b6c126100b7b00b6bf84ff83b8a1689621f4b77d02bdd4ec8fd0c88
fb760882d569ffb802244da01c174b3d6b96a9468554c9347f29097be76aa64b
fe4e8b19d29193fc9cee1139d3c8d2a25852d57f7b4c970f37bec52cc6098f6d
ff030fcdd1073457c10575668411dface12ce9149c7cab3f07ba2cf26f342c1f

marshfieldmail.com Open in urlscan Pro 65.61.154.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

46 %IPv6

15 Domains

27 Subdomains

27 IPs

4 Countries

2246 kBTransfer

6753 kBSize

12 Cookies

22 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

marshfieldmail.com Open in urlscan Pro
65.61.154.4 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

46 %
IPv6

15
Domains

27
Subdomains

27
IPs

4
Countries

2246 kB
Transfer

6753 kB
Size

12
Cookies

75 HTTP transactions
0 data transactions