www.authentic8.com Open in urlscan Pro
34.120.76.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=
Effective URL:
https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQ...
Submission: On September 29 via api (September 29th 2022, 4:32:04 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 33 domains to perform 134 HTTP transactions. The main IP is 34.120.76.49, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.authentic8.com. The Cisco Umbrella rank of the primary domain is 601982.
TLS certificate: Issued by GTS CA 1D4 on September 13th 2022. Valid for: 3 months.

This is the only time www.authentic8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	34.120.76.49 34.120.76.49	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:dc:... 2a02:26f0:dc::6853:528	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:e14e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:509	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
3	52.36.157.138 52.36.157.138	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:ca00:7:c19d:4100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.237.246.197 44.237.246.197	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	92.123.8.217 92.123.8.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:402::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:236e:5e00:19:3bcd:f3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.189.71 13.224.189.71	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.40 13.224.189.40	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	54.229.197.178 54.229.197.178	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	54.189.189.83 54.189.189.83	16509 (AMAZON-02) (AMAZON-02)
134	46

1 104.17.74.206 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

email.authentic8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 34.120.76.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.76.120.34.bc.googleusercontent.com

www.authentic8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:dc::6853:528 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.73.206 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

silo.authentic8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:509 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.36.157.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-157-138.us-west-2.compute.amazonaws.com

player.captivate.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:ca00:7:c19d:4100:93a1 (United States)

ASN16509 (AMAZON-02, US)

status.authentic8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.246.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-246-197.us-west-2.compute.amazonaws.com

api.lever.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.8.217 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-8-217.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:402::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

431-rsm-422.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:5e00:19:3bcd:f3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

image.status.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-71.fra2.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-40.fra2.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.197.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-197-178.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

artwork.captivate.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.189.189.83 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-189-83.us-west-2.compute.amazonaws.com

api.captivate.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	authentic8.com www.authentic8.com — Cisco Umbrella Rank: 601982 silo.authentic8.com status.authentic8.com	556 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 95	797 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 419	130 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	71 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1735 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3582 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3609 tracking.crazyegg.com — Cisco Umbrella Rank: 3569	36 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 static.doubleclick.net — Cisco Umbrella Rank: 342	3 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 588	134 KB
5	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 275 fonts.googleapis.com — Cisco Umbrella Rank: 41	31 KB
5	captivate.fm player.captivate.fm — Cisco Umbrella Rank: 121864 artwork.captivate.fm — Cisco Umbrella Rank: 149156 api.captivate.fm — Cisco Umbrella Rank: 129638	489 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 365 www.linkedin.com — Cisco Umbrella Rank: 625 px4.ads.linkedin.com — Cisco Umbrella Rank: 6161	4 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5431 www.google.com — Cisco Umbrella Rank: 2	15 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6301	628 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	63 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7308	32 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	222 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2843	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	152 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 540	726 B
1	t.co t.co — Cisco Umbrella Rank: 495	376 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 118	19 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 228	2 KB
1	status.io image.status.io — Cisco Umbrella Rank: 469767	11 KB
1	mktoresp.com 431-rsm-422.mktoresp.com	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 8656	203 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 681	384 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 624	15 KB
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 34672	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 758	3 KB
1	lever.co api.lever.co — Cisco Umbrella Rank: 153757	4 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3090	551 B
1	authentic8.net email.authentic8.net	1 KB
134	33

	Domain	Requested by
36	www.authentic8.com	email.authentic8.net www.authentic8.com
9	www.youtube.com	www.authentic8.com www.youtube.com
8	cdn.cookielaw.org	www.authentic8.com cdn.cookielaw.org
6	silo.authentic8.com	www.authentic8.com silo.authentic8.com
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
5	use.typekit.net	www.authentic8.com use.typekit.net
4	jnn-pa.googleapis.com	www.youtube.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	www.google.com	www.youtube.com www.authentic8.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	www.google.de	www.authentic8.com
3	www.google-analytics.com	www.googletagmanager.com cdn.bizible.com
3	player.captivate.fm	www.authentic8.com player.captivate.fm
3	cdn.bizible.com	www.authentic8.com cdn.bizible.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	www.authentic8.com
2	stats.g.doubleclick.net	www.googletagmanager.com cdn.bizible.com
2	connect.facebook.net	email.authentic8.net connect.facebook.net
2	munchkin.marketo.net	email.authentic8.net munchkin.marketo.net
2	www.googletagmanager.com	www.authentic8.com www.googletagmanager.com
1	api.captivate.fm	player.captivate.fm
1	artwork.captivate.fm	player.captivate.fm
1	fonts.googleapis.com	player.captivate.fm
1	tracking.crazyegg.com	script.crazyegg.com
1	analytics.twitter.com	www.authentic8.com
1	t.co	www.authentic8.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	image.status.io	www.authentic8.com
1	static.doubleclick.net	www.youtube.com
1	431-rsm-422.mktoresp.com	munchkin.marketo.net
1	px4.ads.linkedin.com	www.authentic8.com
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.bizibly.com	www.authentic8.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.ads-twitter.com	email.authentic8.net
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	email.authentic8.net
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	api.lever.co	www.authentic8.com
1	status.authentic8.com	www.authentic8.com
1	p.typekit.net	use.typekit.net
1	fast.fonts.net	www.authentic8.com
1	email.authentic8.net
134	48

This site contains links to these domains. Also see Links.

Domain
support.authentic8.com
status.authentic8.com
www.linkedin.com
twitter.com
www.facebook.com
www.youtube.com
www.osintukraine.com
sector035.nl
www.g2.com
www.gartner.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
email.authentic8.net Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
www.authentic8.com GTS CA 1D4	`2022-09-13` - `2022-12-12`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
silo.authentic8.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.captivate.fm Go Daddy Secure Certificate Authority - G2	`2021-12-15` - `2023-01-16`	a year	crt.sh
status.authentic8.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-25` - `2023-07-27`	a year	crt.sh
lever.co Amazon	`2022-05-09` - `2023-06-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-09` - `2022-10-07`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.status.io Amazon	`2022-01-05` - `2023-02-01`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Frame ID: 1DCB4A4C8C722CA3E110FDDE049A12DF
Requests: 97 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BixSK3rO-As
Frame ID: FF60DD1FCC37719776C5098D21070806
Requests: 21 HTTP requests in this frame

Frame: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
Frame ID: 0305B7B3FED3BDEE0096D482D0CCA683
Requests: 9 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0106/2384/site/www.authentic8.com.json?t=1
Frame ID: 531A4B45E3CDB2FE570FE247899EEA98
Requests: 5 HTTP requests in this frame

Frame: https://silo.authentic8.com/index.php/form/XDFrame
Frame ID: 6095878A751F1A7F5EA6417B20BF2D9E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

S1E27 | Where Woodward meets Holmes: OSINT and investigative journalism | authentic8Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCy... Page URL
https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=ND... Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

134
Requests

97 %
HTTPS

59 %
IPv6

33
Domains

48
Subdomains

46
IPs

6
Countries

2710 kB
Transfer

7911 kB
Size

38
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://support.authentic8.com/support/home
Title: Support Portal

Search URL Search Domain Scan URL

URL: https://status.authentic8.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://support.authentic8.com/support/tickets/new
Title: Create a Support Ticket

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism&title=S1E27%20|%20Where%20Woodward%20meets%20Holmes:%20OSINT%20and%20investigative%20journalism&source=https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism&hashtags=Hashtag

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism&title=S1E27%20|%20Where%20Woodward%20meets%20Holmes:%20OSINT%20and%20investigative%20journalism

Search URL Search Domain Scan URL

URL: https://twitter.com/brechtcastel
Title: @brechtcastel

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCMBPtmmDDhzy3nndMd2pJBA
Title: YouTube channel

Search URL Search Domain Scan URL

URL: https://twitter.com/brechtcastel/status/1572830245710872576
Title: Investigation of a suspicious mosquito

Search URL Search Domain Scan URL

URL: http://www.osintukraine.com/
Title: OSINTUkraine.com

Search URL Search Domain Scan URL

URL: https://sector035.nl/articles/category:week-in-osint
Title: Week in OSINT newsletter

Search URL Search Domain Scan URL

URL: https://twitter.com/authentic8?lang=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/authentic8

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Authentic8/

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/authentic8-silo/reviews#reviews

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/security-threat-intelligence-services/vendor/authentic8/product/silo-for-research

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI= Page URL
https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D731034%26time%3D1664469118434%26url%3Dhttps%253A%252F%252Fwww.authentic8.com%252Fneedlestack%252Fs1e27-brecht-castel-osint-journalism%253Futm_source%253Demail%2526mkt_tok%253DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&liSync=true&e_ipv6=AQLj-9XTPq7M3gAAAYOKFzA0y0Vw-hRU80dcaF9_P0hbt9vBg8o_RoIe-_O3SDS3BaEnbxMKjurs--abfvjumIu4Qx5-NA

Request Chain 90

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

134 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=
email.authentic8.net/ 580 B
1 KB 403ms
221ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-OPg4ekYb2W9nTk1XHmtGsQe4by2DzpfpDV+3zwNvbsw=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 75261cab6ca2bb43-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-OPg4ekYb2W9nTk1XHmtGsQe4by2DzpfpDV+3zwNvbsw=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Thu, 29 Sep 2022 16:31:56 GMT
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: d31ab8de3c921793

GET
H2 200 Primary Request s1e27-brecht-castel-osint-journalism Show response
www.authentic8.com/needlestack/ 75 KB
22 KB 373ms
281ms Document
text/html 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg

Requested by

Host: email.authentic8.net
URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e6bfbb076c955bce43985fad0dfbce33bbe1b96de23408ba678bf53380638ca0

Security Headers

Name	Value
Content-Security-Policy	report-uri https://corpweb-origin.authentic8.com/report-uri/enforce
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://email.authentic8.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: must-revalidate, no-cache, private
content-encoding: gzip
content-language: en
content-security-policy: report-uri https://corpweb-origin.authentic8.com/report-uri/enforce
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 16:31:57 GMT
expect-ct: max-age=86400
expires: Sun, 19 Nov 1978 05:00:00 GMT
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish, 1.1 google
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe1-b-59c55499c6-p9sq7
x-served-by: cache-chi-kigq8000142-CHI, cache-fra19162-FRA
x-styx-req-id: 3c43cc99-4014-11ed-b0f2-3e37ced82a7d
x-timer: S1664469117.232800,VS0,VE255
x-ua-compatible: IE=edge

GET
H2 200 css_9m8-tA3IQf8ThlLQYTTZUyEweCvyR908Tg0XCbKYOfY.css
www.authentic8.com/sites/default/files/css/ 7 KB
2 KB 19ms
17ms Stylesheet
text/css 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.authentic8.com/sites/default/files/css/css_9m8-tA3IQf8ThlLQYTTZUyEweCvyR908Tg0XCbKYOfY.css

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f66f3eb40dc841ff138652d06134d9532130782bf247dd3c4e0d1709b29839f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 13:05:11 GMT
age: 12406
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2153
x-served-by: cache-hhn4064-HHN
last-modified: Fri, 09 Sep 2022 17:48:52 GMT
server: nginx
traceparent: 00-e3d87a6ab8ef43b69bf2a1f8e02f924e-d4f466acc7ba41a2-00
x-timer: S1664456711.229165,VS0,VE2
etag: W/"631b7c84-1b00"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f50ac44c-3447-11ed-a947-ce58c7b6167f
x-cloud-trace-context: e3d87a6ab8ef43b69bf2a1f8e02f924e/15345002722629403042;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-68d6b4b9d4-rn82r

GET
H2 200 css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
www.authentic8.com/sites/default/files/css/ 938 KB
143 KB 19ms
18ms Stylesheet
text/css 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

57841912f44c2c1b0bf3568a196691d9d5cead8268c04f2e9d1ebfa08bab9d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 13:49:12 GMT
age: 9765
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146199
x-served-by: cache-hhn4033-HHN
last-modified: Sat, 17 Sep 2022 06:24:25 GMT
server: nginx
traceparent: 00-339ae001d64a456c843c53b88caf04af-8380f03d3b7bb5c3-00
x-timer: S1664459353.594430,VS0,VE2
etag: W/"63256819-ea6a1"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 65ce00a7-3651-11ed-a735-0ed41e7efdc9
x-cloud-trace-context: 339ae001d64a456c843c53b88caf04af/9475837761769158083;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-667698d55-fxm6h

GET
H2 200 jnz0xlg.css
use.typekit.net/ 3 KB
952 B 210ms
34ms Stylesheet
text/css 2a02:26f0:dc::6853:528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jnz0xlg.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:528 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fdd57bce597618d68724ebe6aaf4f153bee609f407dec513835ec6b0390c050d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 29 Sep 2022 16:31:57 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 721

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 178ms
58ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 9644
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 29 Sep 2022 06:35:44 GMT
server: cloudflare
etag: 0x8DAA1E4D6783E41
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b3637eba-601e-0064-23d2-d36846000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75261cb16d1f6973-FRA

GET
H3 200 top_nav_search.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 336 B
275 B 60ms
57ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/top_nav_search.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

eeb019dbff2eb6f67c58b9ba8bfaba26a12fa8215e7bc89c35a02ecabb5092fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-served-by: cache-fra19132-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-db6d1c6bf5844a6a90dce18921b2d6f4-d212fd972683db53-00
x-timer: S1664391172.583088,VS0,VE14
etag: W/"6329b830-150"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4c8ab584-38e6-11ed-ae73-3e1bccf29cf4
x-cloud-trace-context: db6d1c6bf5844a6a90dce18921b2d6f4/15137440123173722963;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-9h48p

GET
H3 200 authentic8-black-logo.svg
www.authentic8.com/themes/authentic8/templates/dist/images/placeholder/ 4 KB
1 KB 60ms
57ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/placeholder/authentic8-black-logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

423d4eec1339448f4aa84c1688615824c45175f0065391df656b16c55ea53474

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1422
x-served-by: cache-fra19169-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-e1d3f8b26ec7473b887a788e937020e9-99ee9d8e5d8a31ae-00
x-timer: S1664391172.582175,VS0,VE9
etag: W/"6329b830-fa1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4c956741-38e6-11ed-bfc9-be3e1b75d786
x-cloud-trace-context: e1d3f8b26ec7473b887a788e937020e9/11091976167040364974;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-qnxkn

GET
H3 200 Trust_and_safety_icon.png
www.authentic8.com/sites/default/files/content/icons/ 7 KB
7 KB 61ms
57ms Image
image/png 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/sites/default/files/content/icons/Trust_and_safety_icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e11a859a46bb9144653d48567c17c2873f732e69f4f4b81b9c3809a6d19622f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-b-795468cd66-lj4hc
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 13:05:11 GMT
age: 12406
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7625
x-served-by: cache-fra19175-FRA
last-modified: Fri, 09 Sep 2022 17:48:52 GMT
server: nginx
traceparent: 00-02c0eb89300b4752b1c2ba5af2157c68-cb049aa55c421ccd-00
x-timer: S1664456711.459136,VS0,VE24
etag: "631b7c84-1dc9"
content-type: image/png
x-styx-req-id: 2c00b901-3446-11ed-9282-be419e65a6dd
x-cloud-trace-context: 02c0eb89300b4752b1c2ba5af2157c68/14628987524614331597;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 fraud.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 3 KB
1 KB 62ms
59ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/fraud.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0e97d882d8bf2d51568428b176e42d1297c48a07edd91cbb0b5099343e7705e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 00:50:39 GMT
age: 56478
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1070
x-served-by: cache-fra19135-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-0e1215491cc94dcf9ccbcb9dfef3ac63-fb5814cb126de8da-00
x-timer: S1664412639.200702,VS0,VE1
etag: W/"6329b830-bab"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: ab094d41-38e3-11ed-a174-0692ea30632e
x-cloud-trace-context: 0e1215491cc94dcf9ccbcb9dfef3ac63/18111248763890559194;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H3 200 cyberthreat.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 1 KB
607 B 62ms
59ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/cyberthreat.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

dc3e30d73c7337791da10df2b7f777ad0f1158f0a9cc11e8f30da41e6bf131b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 574
x-served-by: cache-fra19183-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-611ca704cfe14aa5bbec73432e6ae02c-263c7c4cb830aa8a-00
x-timer: S1664391172.593214,VS0,VE9
etag: W/"6329b830-587"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 1752310c-38e5-11ed-9ba8-d2dceacb2694
x-cloud-trace-context: 611ca704cfe14aa5bbec73432e6ae02c/2755213740993456778;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-xks46

GET
H3 200 house.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 2 KB
1 KB 63ms
60ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/house.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d3da04882389816898551d378170f0e7c1e84e69168b600115bee5505c4db767

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1061
x-served-by: cache-hhn4073-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-6ed70d408404406cad3e049a66c9ddb9-2326f289a8a6d18f-00
x-timer: S1664391172.590809,VS0,VE3
etag: W/"6329b830-9cb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 17633558-38e5-11ed-8281-66011bd4a4e4
x-cloud-trace-context: 6ed70d408404406cad3e049a66c9ddb9/2532978513496428943;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-tmvnx

GET
H3 200 research.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 2 KB
925 B 63ms
60ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/research.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3660e15c764894e47dd639cccb1be2722a7ec4b366c378e7e781c2e5ea0085d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 00:50:39 GMT
age: 56478
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 886
x-served-by: cache-hhn4026-HHN
last-modified: Tue, 20 Sep 2022 12:55:08 GMT
server: nginx
traceparent: 00-f255f34ec6754fc0b13a2259a896ad46-f3343ca64a57ecd6-00
x-timer: S1664412639.198351,VS0,VE1
etag: W/"6329b82c-7a3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 17748341-38e5-11ed-9ba8-d2dceacb2694
x-cloud-trace-context: f255f34ec6754fc0b13a2259a896ad46/17524698734914956502;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-xks46

GET
H3 200 intelligence.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 2 KB
1 KB 64ms
61ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/intelligence.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

04d69a778c3d73c5df4a59a8256df36064d72ef8e902ac8fbdbd51dd6b9612c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1107
x-served-by: cache-hhn4042-HHN
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-decb886d97e445bfaf1b0f00c825ab8c-3d1c1f728cda69c5-00
x-timer: S1664391172.589577,VS0,VE2
etag: W/"6329b82b-875"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 17867184-38e5-11ed-8281-66011bd4a4e4
x-cloud-trace-context: decb886d97e445bfaf1b0f00c825ab8c/4403429112511359429;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-tmvnx

GET
H3 200 worker.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 4 KB
2 KB 65ms
62ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/worker.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f125605f3dcc16406bfe126890d6af261d57c95cb026f40667e08a3ea0181b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 12:06:03 GMT
age: 15954
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1834
x-served-by: cache-fra19140-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-0c802e7e490042829b311612c0900735-fc44fd7af02579a6-00
x-timer: S1664453163.338101,VS0,VE7
etag: W/"6329b830-f8a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 1797be53-38e5-11ed-ae73-3e1bccf29cf4
x-cloud-trace-context: 0c802e7e490042829b311612c0900735/18177932700430989734;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-9h48p

GET
H3 200 hands.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 2 KB
1 KB 66ms
63ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/hands.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b6a633dbf42e630b45247bb202c603b88cbb2b2bcdbabc3bf5ce5f53d1456f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1011
x-served-by: cache-hhn4044-HHN
last-modified: Tue, 20 Sep 2022 12:55:08 GMT
server: nginx
traceparent: 00-f8f91cdf1724486db970f66c4fcfadb1-18272b68e99fd4b8-00
x-timer: S1664391172.615550,VS0,VE2
etag: W/"6329b82c-8d2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: ab70bbaa-38e3-11ed-ae73-3e1bccf29cf4
x-cloud-trace-context: f8f91cdf1724486db970f66c4fcfadb1/1740407510598145208;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-9h48p

GET
H3 200 secure.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 2 KB
869 B 65ms
62ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/secure.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a785c237b04f286b58bf2a1a00defb8ca716c5217fd81f71d858bb0c877f24be

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 00:50:39 GMT
age: 56478
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 828
x-served-by: cache-hhn4061-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-fd1bc217462e45e98724b0809b76c075-c561e6e54e906b29-00
x-timer: S1664412639.200170,VS0,VE2
etag: W/"6329b830-781"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: ab9a7a61-38e3-11ed-a174-0692ea30632e
x-cloud-trace-context: fd1bc217462e45e98724b0809b76c075/14222902970752723753;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H3 200 cloud.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 3 KB
1 KB 66ms
63ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/cloud.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8b32ecaefdb46554be1d9922139999f06e9ac0c00749fd1331256c7b304c523c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-served-by: cache-hhn4060-HHN
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-16ed8069cbcc4572bd206723a204dd09-e51b7bd91ff4e540-00
x-timer: S1664391172.607623,VS0,VE3
etag: W/"6329b82b-b7a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: ab9ec6df-38e3-11ed-8281-66011bd4a4e4
x-cloud-trace-context: 16ed8069cbcc4572bd206723a204dd09/16508925031530947904;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-tmvnx

GET
H3 200 silo-logo-dark.svg
www.authentic8.com/themes/authentic8/templates/dist/images/ 7 KB
2 KB 66ms
63ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/silo-logo-dark.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9c1891f73f3ed4d8ebb227bf01630b986fbf347cbc9e977e75f89fc7f8dcc094

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-served-by: cache-hhn4081-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-eff127ce7f4e4c479b6541e0f9578900-a3e9d4348e2f5c24-00
x-timer: S1664391172.615718,VS0,VE3
etag: W/"6329b830-1a2e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4c93a103-38e6-11ed-a174-0692ea30632e
x-cloud-trace-context: eff127ce7f4e4c479b6541e0f9578900/11811204819944692772;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H3 200 product_hover.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/new_icon/ 830 B
529 B 67ms
64ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/new_icon/product_hover.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d408bc1816b61306ec9c3f936a965f0bb1cf5043175be3b0dc4ecfe6ec14ae50

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-6db730fc03bd43bc86e3e4a792500837-f16d140672dc5868-00
x-timer: S1664391172.608550,VS0,VE3
etag: W/"6329b830-33e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4c930cf5-38e6-11ed-9ad9-fec9fd6e2baa
x-cloud-trace-context: 6db730fc03bd43bc86e3e4a792500837/17396582953531496552;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-wt7v4

GET
H3 200 free-trial2.svg
www.authentic8.com/themes/authentic8/templates/dist/images/svg/ 1 KB
648 B 67ms
64ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/svg/free-trial2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1d486c1e81468de1c2724cfb481101a6fb40a533a21a3e0b163fca9c8ac57310

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 00:50:39 GMT
age: 56478
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 605
x-served-by: cache-fra19150-FRA
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-427930ecb9d94be4aa726fc54022afd3-a49f0e23744833b0-00
x-timer: S1664412639.203359,VS0,VE4
etag: W/"6329b82b-596"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 4c93abca-38e6-11ed-a174-0692ea30632e
x-cloud-trace-context: 427930ecb9d94be4aa726fc54022afd3/11862215488954708912;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H3 200 meet_icon2.svg
www.authentic8.com/themes/authentic8/templates/dist/images/svg/ 2 KB
813 B 67ms
64ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/svg/meet_icon2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

be325f69619aa971a189dc8399a025b5464e58ef1e658e32a0f2a13ff0eac3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 10:30:33 GMT
age: 21684
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-served-by: cache-hhn4033-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-8efaa423c17241b7b25f3be87fbd786d-174b00426f1f3e7b-00
x-timer: S1664447433.491512,VS0,VE2
etag: W/"6329b830-882"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: abd4bd6d-38e3-11ed-8281-66011bd4a4e4
x-cloud-trace-context: 8efaa423c17241b7b25f3be87fbd786d/1678435571457801851;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-tmvnx

GET
H3 200 search-icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 867 B
512 B 67ms
64ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/search-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

24d86f2fe75548a688d6b8a3443b25341d11725b6ab8fdcb81ba313c2788bff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:26:23 GMT
age: 334
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-served-by: cache-hhn4036-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-ae90157415b4415a8a21d90486cf850f-e03cea79c3a0a065-00
x-timer: S1664468784.875238,VS0,VE3
etag: W/"6329b830-363"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 18127ff5-38e5-11ed-9ba8-d2dceacb2694
x-cloud-trace-context: ae90157415b4415a8a21d90486cf850f/16158047371792523365;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-xks46

GET
H3 200 home-icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/ 1 KB
504 B 68ms
65ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/home-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

436a49a751591aa80d97484d2d7fcc2f416d6ff6dd247a8bd675a3087798f304

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:51 GMT
age: 77946
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 460
x-served-by: cache-fra19121-FRA
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-cad5f6a4e84d4da9a06a38d682c6dbea-cd5303c86858b800-00
x-timer: S1664391172.789529,VS0,VE11
etag: W/"6329b82b-417"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 1814b28e-38e5-11ed-8281-66011bd4a4e4
x-cloud-trace-context: cad5f6a4e84d4da9a06a38d682c6dbea/14795173360121198592;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-tmvnx

GET
H3 200 white-linkedin-icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/ 553 B
390 B 68ms
65ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/white-linkedin-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

78752e4cb95a684c918488b2f8a054d3621111baf4c62689a3498d3cb6b05a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:30:50 GMT
age: 67
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 27 Sep 2022 08:57:38 GMT
server: nginx
traceparent: 00-b5e317ac1b184fd197479540f6b8a189-fb840453d0d1d956-00
x-timer: S1664469051.920081,VS0,VE2
etag: W/"6332bb02-229"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 63b9b039-3e4f-11ed-a191-f25a8dc407b3
x-cloud-trace-context: b5e317ac1b184fd197479540f6b8a189/18123615558477928790;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7576c5746c-gbmzm

GET
H3 200 white-twitter-square.svg
www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/ 706 B
428 B 68ms
66ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/white-twitter-square.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5336f5fd6572d1469408cb88f7b442f3777fb26c47b36c23001f59ff1a5d8dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:30:50 GMT
age: 67
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
x-served-by: cache-hhn4023-HHN
last-modified: Thu, 22 Sep 2022 15:24:08 GMT
server: nginx
traceparent: 00-e2384482f9ca46b2ba9ef740f7ec6460-86694edd64b79fac-00
x-timer: S1664469051.919739,VS0,VE3
etag: W/"632c7e18-2c2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 7da1e771-3bcf-11ed-95f4-f25a8dc407b3
x-cloud-trace-context: e2384482f9ca46b2ba9ef740f7ec6460/9685359186421456812;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7576c5746c-gbmzm

GET
H3 200 white-email-icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/ 704 B
465 B 69ms
66ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/white-email-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

03ab51250e083d7fddbdf2cd487bf0b0d3e896a784a07587ef04585dcf61960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:30:50 GMT
age: 67
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 422
x-served-by: cache-fra19125-FRA
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-8082bc97f0384e769e662a062847c5a7-387c39f7edbf576b-00
x-timer: S1664469051.922933,VS0,VE3
etag: W/"6329b82b-2c0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: f38044c5-397c-11ed-8e5e-c629f6f003da
x-cloud-trace-context: 8082bc97f0384e769e662a062847c5a7/4070191900244531051;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-lhf64

GET
H3 200 white-facebook-square-icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/ 418 B
332 B 69ms
66ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/banner-with-video/svg/white-facebook-square-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

67bcfbb4f3c8c3a4542f109d71d4acf23a5b2943918bc817d02575a6436f7a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:18:08 GMT
age: 829
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-served-by: cache-fra19127-FRA
last-modified: Sun, 25 Sep 2022 05:55:02 GMT
server: nginx
traceparent: 00-047ca2de66ba4380ba445d0392140ba9-ff4d4a7950627e44-00
x-timer: S1664468289.640094,VS0,VE3
etag: W/"632fed36-1a2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 202c62e8-3e3b-11ed-8bb8-7e3262cb6e9f
x-cloud-trace-context: 047ca2de66ba4380ba445d0392140ba9/18396441937778474564;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-7754866d5c-htccw

GET
H2 200 forms2.min.js Show response
silo.authentic8.com/js/forms2/js/ 208 KB
69 KB 347ms
171ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silo.authentic8.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 04:01:35 GMT
server: cloudflare
age: 841
etag: "2fe1b58-33e51-5e9503bee9160"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75261cb2dd98695e-FRA
expires: Thu, 29 Sep 2022 20:31:58 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 105ms
22ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D4) /
Resource Hash: 4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 18:43:46 GMT
server: ECS (frb/67D4)
age: 69419
etag: "3bafb313a1d2d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H3 200 authentic8-white-logo.svg
www.authentic8.com/themes/authentic8/templates/dist/images/placeholder/ 4 KB
1 KB 69ms
66ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/placeholder/authentic8-white-logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6c9021e59dd8f84307c3bad8ce443f34824982f6e83eb2604b8bbba41125fad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 00:51:07 GMT
age: 56450
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1419
x-served-by: cache-fra19168-FRA
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-1931d441a250420bab464429a6c2c7d2-fcaa14b686541049-00
x-timer: S1664412667.208624,VS0,VE2
etag: W/"6329b82b-f9e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 18d1156d-38e5-11ed-ae73-3e1bccf29cf4
x-cloud-trace-context: 1931d441a250420bab464429a6c2c7d2/18206387217768910921;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-9h48p

GET
H3 200 gartner-icon.png
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 3 KB
3 KB 72ms
69ms Image
image/png 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/gartner-icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d588e51adbf2a8bd146b84473600647d7c95a5efa7f7f7775592bb20801661e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-qnxkn
strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 12:26:17 GMT
age: 14740
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2898
x-served-by: cache-fra19149-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-2f0da574090a4dae803a0849de086571-8f7fbf9b29ba6d99-00
x-timer: S1664454378.570089,VS0,VE4
etag: "6329b830-b52"
content-type: image/png
x-styx-req-id: 4c974783-38e6-11ed-bfc9-be3e1b75d786
x-cloud-trace-context: 2f0da574090a4dae803a0849de086571/10340193942606867865;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 close-btn.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 212 B
213 B 72ms
69ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/close-btn.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

33c7e2eb884267121c2f6de555ab827a6e30aa51f5b26671cb6bb444e5d90e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 05:31:31 GMT
age: 39626
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 20 Sep 2022 12:55:08 GMT
server: nginx
traceparent: 00-f33e351784af424c83d12b79882c4178-fc0e800cfac84976-00
x-timer: S1664429492.870286,VS0,VE2
etag: W/"6329b82c-d4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: f507a5fc-38e5-11ed-b1f4-1a2cfde0a3b7
x-cloud-trace-context: f33e351784af424c83d12b79882c4178/18162595140467181942;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-47t6q

GET
H3 200 close_icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/ 434 B
301 B 72ms
70ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/header_svg/close_icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e367234c9dc9a134df1a9a192c4037c239744d1894ab507fe3462ea597aec993

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 05:31:31 GMT
age: 39626
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-served-by: cache-hhn4075-HHN
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-1fd4bb29b91345eebe33c958b7cbb99b-98c9da20235c39dc-00
x-timer: S1664429492.871107,VS0,VE2
etag: W/"6329b82b-1b2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: f508c739-38e5-11ed-a174-0692ea30632e
x-cloud-trace-context: 1fd4bb29b91345eebe33c958b7cbb99b/11009570595650943452;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H3 200 js_RuV5zI6-J3KiRINBUE3i_3Vde3gmhh0CeGwuM15IpGo.js Show response
www.authentic8.com/sites/default/files/js/ 697 KB
204 KB 19ms
19ms Script
application/x-javascript 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.authentic8.com/sites/default/files/js/js_RuV5zI6-J3KiRINBUE3i_3Vde3gmhh0CeGwuM15IpGo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

46e579cc8ebe2772a2448341504de2ff755d7b7826861d02786c2e335e48a46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 10:25:16 GMT
age: 22001
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209180
x-served-by: cache-hhn4042-HHN
last-modified: Fri, 09 Sep 2022 17:48:52 GMT
server: nginx
traceparent: 00-80a5b84a18e844578064c0c7ee018bef-fcfc9d71cb3c110b-00
x-timer: S1664447116.119781,VS0,VE4
etag: W/"631b7c84-ae542"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 2bd811a1-3446-11ed-a928-eed7cc519a81
x-cloud-trace-context: 80a5b84a18e844578064c0c7ee018bef/18229618503755501835;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-68d6b4b9d4-2s9xj

GET
H2 200 1.css
fast.fonts.net/t/ 0
551 B 212ms
85ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=ce3f72e4-e293-47b2-aa77-88106c8e4843
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:57 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: GQSHPNQEYNF8Q2SW
age: 453344
content-length: 0
x-amz-id-2: rNTjAWdTwboC6XnmkNCd0Iynz89LvqAfaVT/G0sh+4LvBzcBx+kQrAX0TyNKPhVcnxoHqi4x1M4=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 75261cb1ca0c9b2d-FRA
x-amz-meta-mtime: 1519217722

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 209ms
34ms Stylesheet
text/css 2a02:26f0:dc::6853:509
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jnz0xlg&ht=tk&f=139.173.175.5474&a=507388&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jnz0xlg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:509 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 29 Sep 2022 16:31:57 GMT
last-modified: Sat, 16 Oct 2021 05:50:56 GMT
server: nginx
etag: "616a6840-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
76 KB 72ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P647G96

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff74505c6a3510a7ceaa4cfa8ce1472acf8ccd354f80caa0556804e7253cb495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77698
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Sep 2022 16:31:57 GMT

GET
H2 200 57397b19-ff3e-4c46-9fa3-5bf39b2f24ab.json Show response
cdn.cookielaw.org/consent/57397b19-ff3e-4c46-9fa3-5bf39b2f24ab/ 4 KB
2 KB 198ms
71ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/57397b19-ff3e-4c46-9fa3-5bf39b2f24ab/57397b19-ff3e-4c46-9fa3-5bf39b2f24ab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195369548bc4925a9d7f601ed22ccd80b2a9569f5f4c827d212fa3dd6d94ef79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WCBdNIEf7N+KHsy7YBJWsg==
age: 8096
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1503
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 20:59:11 GMT
server: cloudflare
etag: 0x8DA6C25072C55E4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d69b32e4-501e-000a-1a2b-a1c16f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75261cb4298b6943-FRA
expires: Thu, 29 Sep 2022 20:31:58 GMT

GET
H3 200 green_arrow.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 164 B
205 B 70ms
69ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/green_arrow.svg

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2578023f52f9c1461c52ed5893b7f6765fa1a0a689eeae365111df59fa99eef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 05:31:32 GMT
age: 39625
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 154
x-served-by: cache-fra19167-FRA
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-19b49bfbb332418887b59778c618c18f-506d17fa65516997-00
x-timer: S1664429492.429085,VS0,VE3
etag: W/"6329b82b-a4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: aaac166e-38e3-11ed-9ba8-d2dceacb2694
x-cloud-trace-context: 19b49bfbb332418887b59778c618c18f/5795314659704793495;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-xks46

GET
H2 200 l
use.typekit.net/af/e4b1a9/000000000000000077359571/30/ 32 KB
33 KB 135ms
34ms Font
application/font-woff2 2a02:26f0:dc::6853:528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e4b1a9/000000000000000077359571/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jnz0xlg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:528 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2ad1a3ce85195c70b579486b5b5b7721a42a5613b35e4a96e68a2d95bced9a3a

Request headers

Referer: https://use.typekit.net/jnz0xlg.css
Origin: https://www.authentic8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
server: nginx
etag: "b10a19accac4d75934ead3e517526b740bdb5a2c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33156

GET
H2 200 l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ 33 KB
33 KB 168ms
67ms Font
application/font-woff2 2a02:26f0:dc::6853:528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jnz0xlg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:528 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc

Request headers

Referer: https://use.typekit.net/jnz0xlg.css
Origin: https://www.authentic8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
server: nginx
etag: "f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33364

GET
H2 200 l
use.typekit.net/af/98e3f6/000000000000000077359562/30/ 33 KB
34 KB 140ms
38ms Font
application/font-woff2 2a02:26f0:dc::6853:528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jnz0xlg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:528 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221

Request headers

Referer: https://use.typekit.net/jnz0xlg.css
Origin: https://www.authentic8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
server: nginx
etag: "27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34148

GET
H2 200 BixSK3rO-As Show response
www.youtube.com/embed/ Frame FF60 67 KB
28 KB 167ms
86ms Document
text/html 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BixSK3rO-As

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ab9da9a2f333457b99e32436cc744587b30d385559522721ed39b539e963a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.authentic8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 29 Sep 2022 16:31:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db Show response
player.captivate.fm/episode/ Frame 0305 88 KB
88 KB 1099ms
511ms Document
text/html 52.36.157.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.157.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-157-138.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 9be852406bdc157410ad62a3b8c036f6dbafc0aa189ea33aedb2662200afc6d0

Request headers

Referer: https://www.authentic8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Sep 2022 16:31:58 GMT
Server: nginx/1.20.0
transfer-encoding: chunked

GET
H3 200 linkedin-logo-green.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 522 B
374 B 45ms
44ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/linkedin-logo-green.svg

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

308ffb0c091fb909d1c759d3d4ff4fa68baf2647d533ee015adfb0756eb291d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:18:08 GMT
age: 829
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 323
x-served-by: cache-hhn4065-HHN
last-modified: Tue, 20 Sep 2022 12:55:07 GMT
server: nginx
traceparent: 00-169e2a0077544c8dbf8239aa6e45363c-5312465bce9e6c6a-00
x-timer: S1664468288.325799,VS0,VE4
etag: W/"6329b82b-20a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 349f2779-38e5-11ed-b1f4-1a2cfde0a3b7
x-cloud-trace-context: 169e2a0077544c8dbf8239aa6e45363c/5985924214851267690;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-a-7ddbbc6cd4-47t6q

GET
H3 200 twitter-icon-green.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 669 B
413 B 45ms
44ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/twitter-icon-green.svg

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6c3949442725eb812f10960fee1abc0ce4910738ef3d53b1b57ab0f574d280f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:30:50 GMT
age: 67
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-served-by: cache-hhn4038-HHN
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-e98ec25dcbe44d4fabd0ee3f93411079-c56b24473c5eeae1-00
x-timer: S1664469051.918211,VS0,VE2
etag: W/"6329b830-29d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 34a3da9e-38e5-11ed-9ba8-d2dceacb2694
x-cloud-trace-context: e98ec25dcbe44d4fabd0ee3f93411079/14225503736353975009;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-xks46

GET
H3 200 e-mail-w-icon.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 608 B
415 B 45ms
44ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/e-mail-w-icon.svg

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8bd0fa3d52f071c8545a0402cbe8fd22ed5138dc0374b285804a634a893b088a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:30:50 GMT
age: 67
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 359
x-served-by: cache-fra19146-FRA
last-modified: Tue, 20 Sep 2022 12:55:12 GMT
server: nginx
traceparent: 00-5908d047482945e1aab599acd9249969-ec7e045538ff7dbb-00
x-timer: S1664469051.949703,VS0,VE2
etag: W/"6329b830-260"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 349f80de-38e5-11ed-a174-0692ea30632e
x-cloud-trace-context: 5908d047482945e1aab599acd9249969/17041062804091534779;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H3 200 facebook-green.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 380 B
309 B 45ms
45ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/facebook-green.svg

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d09ae0b29cdd9b6718cdab21d5a4b96a25aca4797e67fb3397652b1a26cf77ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Thu, 29 Sep 2022 16:30:50 GMT
age: 67
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 20 Sep 2022 12:55:08 GMT
server: nginx
traceparent: 00-2ffe87b47f1c4c529a6f817cbc3d7bed-8cd8db6a137cedab-00
x-timer: S1664469051.919667,VS0,VE3
etag: W/"6329b82c-17c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 34a40050-38e5-11ed-9ba8-d2dceacb2694
x-cloud-trace-context: 2ffe87b47f1c4c529a6f817cbc3d7bed/10149103008919383467;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-xks46

GET
H2 200 getForm Show response
silo.authentic8.com/index.php/form/ 3 KB
1 KB 176ms
176ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://silo.authentic8.com/index.php/form/getForm?munchkinId=431-RSM-422&form=1722&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism&callback=jQuery112409258627095197653_1664469118081&_=1664469118082
Requested by: Host: silo.authentic8.com
URL: https://silo.authentic8.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a0c2f74f2a2cc458deead559b05fa6c1fa322972b4b9cbeff40738b1b7a163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 75261cb438e0695e-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H3 200 white_arrow.svg
www.authentic8.com/themes/authentic8/templates/dist/images/icons/ 161 B
207 B 17ms
16ms Image
image/svg+xml 34.120.76.49
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.authentic8.com/themes/authentic8/templates/dist/images/icons/white_arrow.svg

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.76.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.76.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5289eb582a0c24a0f9720c24058f41ec2575268b896406eba59ce4df73b1d932

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/sites/default/files/css/css_V4QZEvRMLBsL81aKGWaR2dXOrYJowE8unR6_oIurnUQ.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 1
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 google
date: Wed, 28 Sep 2022 18:52:54 GMT
age: 77944
x-cache: HIT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152
x-served-by: cache-fra19150-FRA
last-modified: Tue, 20 Sep 2022 12:55:08 GMT
server: nginx
traceparent: 00-38e6dad927e54f22b69ca2f662f72288-85a4aa76ca330d9f-00
x-timer: S1664391175.545134,VS0,VE13
etag: W/"6329b82c-a1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: ac7feb1d-38e3-11ed-a174-0692ea30632e
x-cloud-trace-context: 38e6dad927e54f22b69ca2f662f72288/9630009330400169375;o=0
cache-control: max-age=3600,public
accept-ranges: bytes
x-pantheon-styx-hostname: styx-fe1-b-74ffb9549d-nq8ql

GET
H2 200 / Show response
status.authentic8.com/ 32 KB
7 KB 338ms
177ms XHR
text/html 2600:9000:2204:ca00:7:c19d:4100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://status.authentic8.com/
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/js/js_RuV5zI6-J3KiRINBUE3i_3Vde3gmhh0CeGwuM15IpGo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:ca00:7:c19d:4100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6d76f2d4fad6052afdce657abc9eb2dc8de609ff1a3b2f432880c7022cc3922e

Request headers

Accept: */*
Referer: https://www.authentic8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 264.490ms
date: Thu, 29 Sep 2022 16:31:58 GMT
via: 1.1 varnish, 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: AMS50-C1
etag: W/"8114-PVRnoLuImjsn25opntf7zU+fHHU"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
x-varnish: 1426550909 1426254685
access-control-allow-origin: *
content-type: text/html; charset=utf-8
x-status-page-id: 53979231f2385e505000033b
accept-ranges: bytes
x-amz-cf-id: Pz8Nweo0dH2pHT5JpqclOga4iEhDFVQ4frde-xrtyfoUbOO5TNHMuQ==

GET
H/1.1 200
OK authentic8 Show response
api.lever.co/v0/postings/ 13 KB
4 KB 725ms
187ms XHR
application/json 44.237.246.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lever.co/v0/postings/authentic8?mode=json

Requested by

Host: www.authentic8.com
URL: https://www.authentic8.com/sites/default/files/js/js_RuV5zI6-J3KiRINBUE3i_3Vde3gmhh0CeGwuM15IpGo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.246.197 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-246-197.us-west-2.compute.amazonaws.com

Software

Resource Hash

ee78afa1b3c3e2aaf086a76eece62e870a7aa55cd267af644b31b2e23cf33262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.authentic8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:31:58 GMT
Strict-Transport-Security: max-age=15552000
X-Content-Type-Options: nosniff
X-Stream-Path: dapi
Content-Encoding: gzip
ETag: W/"356f-xpATrCbB6CAkefazqahHx8uVE+o"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H3 200 www-player.css
www.youtube.com/s/player/5248e50a/ Frame FF60 358 KB
49 KB 95ms
33ms Stylesheet
text/css 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b0ee7225ad88345a88cfb755b77a6b4741c45e7a1933f92a7345fc06c314e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49798
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:14 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5248e50a/www-embed-player.vflset/ Frame FF60 305 KB
95 KB 132ms
70ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fee19626251374178b719acf5a9054e775ec7cd3c68438d4722bd0d56da48dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97166
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:14 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/ Frame FF60 2 MB
578 KB 123ms
61ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c691eef5f1466c0589ffe91dfb84c9e3ae3be372cf40569e4f18543b8d6c563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592063
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:51:50 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/5248e50a/fetch-polyfill.vflset/ Frame FF60 9 KB
3 KB 93ms
32ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:48:14 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 180ms
43ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P647G96
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=53659
accept-ranges: bytes
content-length: 3063

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 98ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P647G96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15699
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 16:31:58 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 115 KB
44 KB 72ms
31ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-P7QS38F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P647G96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a11c7a3725a346d42daa4378c3ba47741b55bb3e6c63497e54e917654e2acdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 16:31:58 GMT

GET
H2 200 2384.js Show response
script.crazyegg.com/pages/scripts/0106/ 6 KB
2 KB 112ms
46ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0106/2384.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P647G96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984da40aebf4ab5fed766e400e7137a59d26154ea4cf9a28e0c321401e90e6dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 191848
cf-polished: origSize=5675
ce-version: 11.4.10
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 11:14:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 75261cb5481768eb-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 134ms
50ms Script
application/x-javascript 92.123.8.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: email.authentic8.net
URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.8.217 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-8-217.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:31:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 113ms
30ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Host: email.authentic8.net
URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 22 Sep 2022 17:10:43 GMT
x-amz-request-id: tx0000000000000d135b3c6-00632c9724-3ade2f46-sfo2a
etag: "9a8767fa98da937fb02cdbbc52a101bb"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1664469118.dop210.lo4.t,1664469118.cds241.lo4.hn,1664469118.cds066.lo4.c
content-type: application/x-javascript
cache-control: max-age=2342
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5776

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: email.authentic8.net
URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Sep 2022 16:31:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: s3oqPZQpUrzCmbM7U3xybISi0vC7J2aSRRjsGi9B5o4WfsgRlFbZofwlBmg8lxE8FaRZ+WPWTaMw4XKyr3mGxg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 464ms
50ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: email.authentic8.net
URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kcgs7200095-IAD, cache-hhn11572-HHN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
76 KB 63ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CP3EN5P17J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P647G96

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd4eaaf83e3c26f8fb190da2ed0210200a1125554f3e69ba8e39e1437eec6022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 16:31:58 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
384 B 98ms
60ms XHR
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.authentic8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 75261cb51bb09202-FRA
access-control-allow-headers: Content-Type

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
303 B 18ms
17ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Femail.authentic8.net%2F&_biz_h=-1906410348&_biz_u=5bcfd84f6bc349eac2f65e97eff4ee5e&_biz_s=4d58eb&_biz_l=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&_biz_t=1664469118116&_biz_i=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&_biz_n=0&rnd=868568&cdn_o=a&_biz_z=1664469118213
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
last-modified: Wed, 28 Sep 2022 14:12:01 GMT
server: ECS (frb/6760)
age: 94797
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 18ms
18ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=5bcfd84f6bc349eac2f65e97eff4ee5e&_biz_s=4d58eb&_biz_l=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&_biz_t=1664469118215&_biz_i=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&rnd=239557&cdn_o=a&_biz_z=1664469118215
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
last-modified: Thu, 22 Sep 2022 23:58:33 GMT
server: ECS (frb/67C2)
age: 578006
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF60 15 KB
16 KB 58ms
19ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 170717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF60 15 KB
15 KB 60ms
21ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 238239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 22:21:19 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
389 B 126ms
126ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=5bcfd84f6bc349eac2f65e97eff4ee5e&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.08.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Thu, 29 Sep 2022 16:31:58 GMT
cache-control: private, must-revalidate, max-age=21600
server: ECS (frb/6711)
etag: EFEDFBC3
content-length: 84
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 forms2.css
silo.authentic8.com/js/forms2/css/ 13 KB
3 KB 48ms
47ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silo.authentic8.com/js/forms2/css/forms2.css

Requested by

Host: silo.authentic8.com
URL: https://silo.authentic8.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
age: 836
etag: "2fe09d9-3437-5e66047a81540"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75261cb56b83695e-FRA
content-length: 2623
expires: Thu, 29 Sep 2022 20:31:58 GMT

GET
H2 200 forms2-theme-inset.css
silo.authentic8.com/js/forms2/css/ 3 KB
1 KB 41ms
41ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silo.authentic8.com/js/forms2/css/forms2-theme-inset.css

Requested by

Host: silo.authentic8.com
URL: https://silo.authentic8.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 18:54:37 GMT
server: cloudflare
age: 836
etag: "e04b2-d86-5e66047a81540"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 75261cb56b86695e-FRA
content-length: 953
expires: Thu, 29 Sep 2022 20:31:58 GMT

GET
H3 200 290084823191113 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 35ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/290084823191113?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b954a2b62d40c9d189ff38093a85632aed0641b3e1d8fedbc290aefede6388d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Sep 2022 16:31:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85901
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LsoquXXK410Vn0+mzGJEF5WXIqbZf2idfgYnSpftqvJFoS/dBsws133lCdutHkOS814LLNN6EnBn+Q854n/tyw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
19 KB 54ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P647G96

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 15:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4561
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 17:15:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
340 B 71ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CP3EN5P17J&gtm=2oe9s0&_p=1632882084&_gaz=1&cid=1339247888.1664469118&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Q&_z=ccd.v9B&_s=1&sid=1664469118&sct=1&seg=0&dl=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&dr=https%3A%2F%2Femail.authentic8.net%2F&dt=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP3EN5P17J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.authentic8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 74ms
25ms Ping
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CP3EN5P17J&cid=1339247888.1664469118&gtm=2oe9s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CP3EN5P17J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.authentic8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 144ms
64ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CP3EN5P17J&cid=1339247888.1664469118&gtm=2oe9s0&aip=1&z=1882924477

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.38.0/ 369 KB
88 KB 77ms
77ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jz950M8ZW7RakPP2zlLHZQ==
age: 4250
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 89624
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:17 GMT
server: cloudflare
etag: 0x8DA6AE29E465D1D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7e08b95c-701e-0174-68d7-9c18f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75261cb61ea46973-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005851557/ 3 KB
1 KB 179ms
91ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005851557/?random=1664469118375&cv=9&fst=1664469118375&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&ref=https%3A%2F%2Femail.authentic8.net%2F&tiba=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&auid=847351505.1664469118&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27cce2fbcdb44681bf199b6954a088ad20c1a70ffdb76f66d466cb35d7c6bc07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1256
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.authentic8.com.json Show response
script.crazyegg.com/pages/data-scripts/0106/2384/site/ Frame 531A 7 KB
2 KB 63ms
29ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0106/2384/site/www.authentic8.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/2384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7cf741e90169a8d6413efec2c53d6fadd9987463c4f5d99f0749cc2733ab10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 193497
ce-version: 11.4.10
content-length: 2011
last-modified: Tue, 27 Sep 2022 10:47:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75261cb638089b7d-FRA

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 28ms
27ms Script
application/x-javascript 92.123.8.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.8.217 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-8-217.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:31:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Sat, 07 Jan 2023 16:31:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 55ms
18ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=290084823191113&ev=PageView&dl=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&rl=https%3A%2F%2Femail.authentic8.net%2F&if=false&ts=1664469118413&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664469118411.20737324&it=1664469118305&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Sep 2022 16:31:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 l
use.typekit.net/af/56b0cd/00000000000000007735957d/30/ 34 KB
34 KB 35ms
33ms Font
application/font-woff2 2a02:26f0:dc::6853:528
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/56b0cd/00000000000000007735957d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jnz0xlg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:528 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3be30c09a4c2a44586ae9710ad7c61e5b9e57ba9d24935ad3e6f61aca28b9b06

Request headers

Referer: https://use.typekit.net/jnz0xlg.css
Origin: https://www.authentic8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
server: nginx
etag: "efd2a4eb0e71949802f825497dfc78423b4eaac3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34328

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D731034%26time%3D1664469118434%26url%3Dhttps%253A%252F%252Fwww.authentic8.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_to...

0
265 B

328ms
227ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&liSync=true&e_ipv6=AQLj-9XTPq7M3gAAAYOKFzA0y0Vw-hRU80dcaF9_P0hbt9vBg8o_RoIe-_O3SDS3BaEnbxMKjurs--abfvjumIu4Qx5-NA
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:59 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 616EDA5E826147BA9A5B5270420EE6F1 Ref B: FRAEDGE1316 Ref C: 2022-09-29T16:31:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXp02qZKwx4FCyVOjtz0w==

Redirect headers

date: Thu, 29 Sep 2022 16:31:58 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1900F468DBAD44CBAA110841B794936E Ref B: FRAEDGE1416 Ref C: 2022-09-29T16:31:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=731034&time=1664469118434&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&liSync=true&e_ipv6=AQLj-9XTPq7M3gAAAYOKFzA0y0Vw-hRU80dcaF9_P0hbt9vBg8o_RoIe-_O3SDS3BaEnbxMKjurs--abfvjumIu4Qx5-NA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXp02qUILbSlx04m+4+NQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1632882084&t=pageview&_s=1&dl=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&dr=https%3A%2F%2Femail.authentic8.net%2F&ul=en-us&de=UTF-8&dt=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAAC~&jid=457052800&gjid=1953269866&cid=1339247888.1664469118&tid=UA-20720817-9&_gid=1425361678.1664469118&_r=1&gtm=2wg9q0P647G96&z=1210144201

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.authentic8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.authentic8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XDFrame Show response
silo.authentic8.com/index.php/form/ Frame 6095 2 KB
868 B 209ms
208ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silo.authentic8.com/index.php/form/XDFrame

Requested by

Host: silo.authentic8.com
URL: https://silo.authentic8.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05384af45b0c2db4015f020338c087b4fc64c1353b7a8fd3f1e94112e010d9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.authentic8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 75261cb66d9b695e-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 29 Sep 2022 16:31:58 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 a18bb0e21d11a839b7adb013c92ee611.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 94 KB
30 KB 30ms
30ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0106/2384.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b27f38e2543c9093abd281dfd9354f97c4efca61ce6d2e339048d449ffbd586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 17 Sep 2022 06:58:49 GMT
server: cloudflare
age: 193884
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75261cb67a6d68eb-FRA
content-length: 30751

POST
H/1.1 200
OK visitWebPage
431-rsm-422.mktoresp.com/webevents/ 2 B
318 B 824ms
166ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://431-rsm-422.mktoresp.com/webevents/visitWebPage?_mchNc=1664469118491&_mchCn=&_mchId=431-RSM-422&_mchTk=_mch-authentic8.com-1664469118490-15365&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&_mchHo=www.authentic8.com&_mchPo=&_mchRu=%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Femail.authentic8.net%2F&_mchQp=utm_source%3Demail__-__mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:31:59 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 7b859fb3-480a-4e98-a46d-24d8d60b68b9

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 72ms
27ms XHR
text/plain 2a00:1450:4025:402::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-20720817-9&cid=1339247888.1664469118&jid=457052800&gjid=1953269866&_gid=1425361678.1664469118&_u=YADAAEAAQAAAAC~&z=1847936984

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.authentic8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.authentic8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FF60
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

125ms
54ms

XHR
application/json

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c538abc52d2e8ee0b1e0ed2c75059c1856c184ae87c3931210fb890c64a689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FF60 29 B
588 B 113ms
32ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:25:32 GMT
x-content-type-options: nosniff
age: 386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 16:40:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 90ms
40ms Preflight
text/html 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 29 Sep 2022 16:31:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FF60 66 KB
30 KB 82ms
35ms XHR
application/json+protobuf 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b121a48e515e4f94f1890a3f3384f953fe2ea86d5e8f305855e5ae7075a78e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30836
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/ Frame FF60 118 KB
36 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc6ccbc283e27f01d41ccbdcbd9acf7151c33f95214f7e7dee6f7a6dd077e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37171
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:51:50 GMT

GET
H2 200 SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js Show response
www.google.com/js/th/ Frame FF60 36 KB
15 KB 77ms
36ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14354
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 11:49:32 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/ Frame FF60 25 KB
8 KB 52ms
51ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e17cbde77014c5439662649c9a847768e743ed8abae03e49299bf9aa24831c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8105
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 00:24:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Sep 2023 14:52:23 GMT

GET
H2 200 8X0G9TREevZG.png
image.status.io/ 10 KB
11 KB 112ms
19ms Image
image/png 2600:9000:236e:5e00:19:3bcd:f3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.status.io/8X0G9TREevZG.png
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:19:3bcd:f3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1566394c2a3743b98985b73a69308be711fceab866f01a08f5a79c67ce7663c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 03:42:37 GMT
x-amz-version-id: aMzsAsaT_FKFNcfHOW2lSY0ldRRoGmkQ
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
last-modified: Fri, 23 Jul 2021 17:15:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 9636562
etag: "0795bb66a77916dec32b3f56a40fcf6e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 10628
x-amz-cf-id: wm7AMJ0GbojO3JgQWNw090mEgtlG-xPbhSquCgQ8n-qciVnQkJH2_g==

GET
DATA 200
OK truncated
/ Frame FF60 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8rFVUDI7tTBYVGaQKoNgGKGzjR3Bw62S5c3xdCiw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame FF60 2 KB
2 KB 147ms
29ms Image
image/jpeg 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8rFVUDI7tTBYVGaQKoNgGKGzjR3Bw62S5c3xdCiw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6fe1f080cf179bce85cdeb09ff278006e9f5ce710fbf72b30098b8b1c912ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:30:50 GMT
x-content-type-options: nosniff
age: 68
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2125
x-xss-protection: 0
server: fife
etag: "ve6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 18 Sep 2022 16:20:18 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/BixSK3rO-As/ Frame FF60 19 KB
19 KB 88ms
25ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/BixSK3rO-As/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc74917392d03721af9463206e4f033d6f77d1b2af9a1ce9b64fd30f0171b91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19283
x-xss-protection: 0
server: sffe
etag: "1664223370"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Sep 2022 16:36:58 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 92ms
53ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-20720817-9&cid=1339247888.1664469118&jid=457052800&_u=YADAAEAAQAAAAC~&z=520237069

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 129ms
64ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-20720817-9&cid=1339247888.1664469118&jid=457052800&_u=YADAAEAAQAAAAC~&z=520237069

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/57397b19-ff3e-4c46-9fa3-5bf39b2f24ab/b261b5a2-5e1a-4cd8-b5fc-b26a23d21d43/ 51 KB
10 KB 73ms
66ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/57397b19-ff3e-4c46-9fa3-5bf39b2f24ab/b261b5a2-5e1a-4cd8-b5fc-b26a23d21d43/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb1d69ea6bbd777da02195e1ad8a88f94d5d420d50201be2a8455b5ebb5d2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: g+el+tFxpWOlO3DvLOTyuQ==
age: 8095
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 10445
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 20:59:14 GMT
server: cloudflare
etag: 0x8DA6C2508F62846
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e87e4402-a01e-00f1-162b-a10975000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75261cb7a8876943-FRA
expires: Thu, 29 Sep 2022 20:31:58 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1005851557/ 42 B
64 B 53ms
27ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1005851557/?random=1664469118375&cv=9&fst=1664467200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&ref=https%3A%2F%2Femail.authentic8.net%2F&tiba=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&async=1&fmt=3&is_vtc=1&random=3122504612&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1005851557/ 42 B
64 B 121ms
69ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1005851557/?random=1664469118375&cv=9&fst=1664467200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9q0&sendb=1&frm=0&url=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&ref=https%3A%2F%2Femail.authentic8.net%2F&tiba=S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8&async=1&fmt=3&is_vtc=1&random=3122504612&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 16:31:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.authentic8.com.json Show response
script.crazyegg.com/pages/data-scripts/0106/2384/sampling/ Frame 531A 163 B
215 B 28ms
28ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0106/2384/sampling/www.authentic8.com.json?t=462352
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ca7fcdda95d5a69148f4b1cc790563f27f9785cc89ac26aa722da50bd38dfc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 193497
ce-version: 11.4.10
content-length: 151
last-modified: Tue, 27 Sep 2022 10:47:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75261cb77a929b7d-FRA

GET
H3 204 generate_204
www.youtube.com/ Frame FF60 0
10 B 30ms
30ms Image
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?wookOA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/BixSK3rO-As
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BixSK3rO-As
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame FF60 4 KB
3 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 16:31:58 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 531A 19 B
461 B 65ms
16ms XHR
application/json 13.224.189.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 06:23:23 GMT
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 6689316
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: Flzp2GMcHepWej7IGqpfPNUeEk4rcLYUdMZQ6mdh0OkzCfsNsGJeBw==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 531A 19 B
461 B 65ms
16ms XHR
application/json 13.224.189.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-40.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 11:33:15 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 3301123
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: gXkzjjBc4yIf4i2zn0FvQVNx1P-gv9sgS_3ZmFL-KxZusPJGdRwkeQ==

GET
H2 200 forms2.min.js Show response
silo.authentic8.com/js/forms2/js/ Frame 6095 208 KB
69 KB 38ms
37ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silo.authentic8.com/js/forms2/js/forms2.min.js

Requested by

Host: silo.authentic8.com
URL: https://silo.authentic8.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://silo.authentic8.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 04:01:35 GMT
server: cloudflare
age: 841
etag: "2fe1b58-33e51-5e9503bee9160"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 75261cb82931695e-FRA
expires: Thu, 29 Sep 2022 20:31:58 GMT

GET
BLOB 200
OK 0ac26441-3ade-4513-944f-fc449d33de7f
https://www.authentic8.com/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.authentic8.com/0ac26441-3ade-4513-944f-fc449d33de7f
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 13 KB
3 KB 70ms
70ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: l8TaFfqEBdbGRIscoE5PLQ==
age: 8095
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:09 GMT
server: cloudflare
etag: 0x8DA6AE29925C8FF
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 53bc0599-901e-0058-1c2b-a1dc9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75261cb8db1b6943-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/ 64 KB
13 KB 69ms
69ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a29fbb745ef24f858d96e76daf0c4e52f1af3b41becfd7fae1b143a6e9fec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BJ08KLAvpzZpuIY3VesHLg==
age: 8095
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13296
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:11 GMT
server: cloudflare
etag: 0x8DA6AE29AA07224
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bc13ecdf-f01e-0165-422b-a12fee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75261cb8db1f6943-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.38.0/assets/ 22 KB
4 KB 70ms
70ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.38.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.38.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: TLLtdkuMahUQRVIfmZNHNw==
age: 8095
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 06:31:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 63481c37-001e-013f-3f2b-a1296f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 75261cb8db216943-FRA

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 183ms
136ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=3fcf63f9-16df-42fb-b3e5-7e3cdb8c1170&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f007c46-d8cd-4d78-bcec-7e34c53f9f8b&tw_document_href=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&tw_iframe_status=0&txn_id=o1uvu&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 120
date: Thu, 29 Sep 2022 16:31:58 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3210c1a12357ed9c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 49677a5ff0a7d414a494fb321a6930f9803bd06a27f1cdfb45025c5b46f48c07
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 457ms
120ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=3fcf63f9-16df-42fb-b3e5-7e3cdb8c1170&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4f007c46-d8cd-4d78-bcec-7e34c53f9f8b&tw_document_href=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&tw_iframe_status=0&txn_id=o1uvu&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 29 Sep 2022 16:31:58 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9e3a9c886005ea25
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a9020f04702f8581e2e44f99d80405879b6933eb647888ace78ebdf6e92db1a2
content-length: 43

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/106/ Frame FF60 52 KB
15 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/106/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 22:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 15:10:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 29 Sep 2022 22:55:27 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 531A 29 B
136 B 161ms
71ms XHR
text/plain 54.229.197.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1664469118813
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.197.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-197-178.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e9371bb7cebed0ecdd965a85f4e1100561b9a8943c9197b5a09f27aafe1657b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Sep 2022 16:31:58 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FF60 90 B
134 B 29ms
29ms XHR
application/json+protobuf 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78e5575117bdb9f5560fcdf6ebdcfef7ef1eeaa16de4fe922bab4711784f03b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 29 Sep 2022 16:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 26ms
26ms Preflight
text/html 2a00:1450:400e:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 29 Sep 2022 16:31:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 70ms
70ms Image
image/svg+xml 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Sep 2022 16:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 6914
x-ms-lease-status: unlocked
last-modified: Thu, 29 Sep 2022 06:35:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 42da761c-e01e-00b9-5cd3-d33be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 75261cb97d936973-FRA

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 48ms
27ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=290084823191113&ev=Microdata&dl=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&rl=https%3A%2F%2Femail.authentic8.net%2F&if=false&ts=1664469118915&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%20%7C%20authentic8%22%2C%22meta%3Adescription%22%3A%22The%20intersection%20of%20open-source%20information%2C%20disinformation%2C%20social%20media%20and%20journalism%20has%20spawned%20a%20new%20breed%20of%20investigator.%C2%A0Meet%20Brecht%20Castel%2C%20fact-checking%20journalist%20and%20OSINT%20aficionado%2C%20and%20hear%20his%20advice%20on%20how%20to%20be%20good%20at%20both.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22authentic8%22%2C%22og%3Atype%22%3A%22image%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fauthentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%22%2C%22og%3Atitle%22%3A%22S1E27%20%7C%20Where%20Woodward%20meets%20Holmes%3A%20OSINT%20and%20investigative%20journalism%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.authentic8.com%2Fsites%2Fdefault%2Ffiles%2F2022-09%2Fs1e27_smog_lite.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664469118411.20737324&it=1664469118305&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.authentic8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Sep 2022 16:31:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
BLOB 200
OK dd939eea-6e66-4b9a-b7ff-3278cd1151f6
https://www.authentic8.com/ 266 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.authentic8.com/dd939eea-6e66-4b9a-b7ff-3278cd1151f6
Requested by: Host: www.authentic8.com
URL: https://www.authentic8.com/needlestack/s1e27-brecht-castel-osint-journalism?utm_source=email&mkt_tok=NDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb63b2098c70687e1ecd9cd89361b212c06c5fdd8c932e8538d1f25bb57a229

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
H2 200 css2
fonts.googleapis.com/ Frame 0305 6 KB
1 KB 132ms
51ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;400;500;600;700&display=swap

Requested by

Host: player.captivate.fm
URL: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f56a8b39c0aec31478b0553fb94c8ab2a53edb6bb934530c33d88d47c3c44c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.captivate.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 16:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 16:21:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 16:31:59 GMT

GET
H/1.1 200
OK app.css
player.captivate.fm/css/ Frame 0305 22 KB
23 KB 339ms
176ms Stylesheet
text/css 52.36.157.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.captivate.fm/css/app.css?id=aee978b48c98cbe6cee0
Requested by: Host: player.captivate.fm
URL: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.157.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-157-138.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 803c2c4c666eac0c802576aa2948d49c70c0fba8cebc295e95a3255cdff5354a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:31:59 GMT
Last-Modified: Tue, 10 May 2022 14:05:16 GMT
Server: nginx/1.20.0
ETag: "627a711c-593b"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22843

GET
H2 200 wgALg2ov21YlADZIn9_bpJxX.png
artwork.captivate.fm/bfe8da84-ff4b-4f22-8e1b-58f2a144a2d1/ Frame 0305 243 KB
244 KB 631ms
59ms Image
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://artwork.captivate.fm/bfe8da84-ff4b-4f22-8e1b-58f2a144a2d1/wgALg2ov21YlADZIn9_bpJxX.png
Requested by: Host: player.captivate.fm
URL: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: WasabiS3/7.1.284-2022-01-13-3b91eb9 (head13) /
Resource Hash: 4cb545640bf880f86e6c5b3928a15c9a9633577b7fa37032bad6276b84135033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.captivate.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 16:31:59 GMT
last-modified: Wed, 08 Dec 2021 17:40:22 GMT
server: WasabiS3/7.1.284-2022-01-13-3b91eb9 (head13)
x-amz-request-id: 48AE03F7E45C0E93
etag: "b5391f8ff36d192d82df271d5eb1ad88"
x-hw: 1664469119.cds228.lo4.hn,1664469119.cds230.lo4.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
content-length: 248944
x-amz-id-2: NLc+zBIDPP6bb++f9MVUdpMJwEmlUclfvZrACqmgLK5CjLYAWxIRcAUC/y1TZL3daiIm84cr+UR7

GET
H/1.1 200
OK app.js Show response
player.captivate.fm/js/ Frame 0305 134 KB
134 KB 176ms
176ms Script
application/javascript 52.36.157.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.captivate.fm/js/app.js?id=229fd6bb9f0450449e11
Requested by: Host: player.captivate.fm
URL: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.157.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-157-138.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 96eb5b83dff548a3c0239f8b5fb954c4e2cf8436798a2a7fcab50f9283713f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.captivate.fm/episode/dbb1deb5-4b8d-4f43-b268-8f3fb0abf6db
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:31:59 GMT
Last-Modified: Tue, 10 May 2022 14:05:16 GMT
Server: nginx/1.20.0
ETag: "627a711c-218b6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137398

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0305 8 KB
8 KB 52ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://player.captivate.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 68936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:23:03 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0305 8 KB
8 KB 54ms
21ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://player.captivate.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 76026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:24:53 GMT

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0305 8 KB
8 KB 49ms
17ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://player.captivate.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 75975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:25:44 GMT

GET
H/1.1 200
OK player_token Show response
api.captivate.fm/media/053e3534-ca16-492d-81ec-084699df4bc4/ Frame 0305 68 B
512 B 736ms
175ms XHR
application/json 54.189.189.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.captivate.fm/media/053e3534-ca16-492d-81ec-084699df4bc4/player_token
Requested by: Host: player.captivate.fm
URL: https://player.captivate.fm/js/app.js?id=229fd6bb9f0450449e11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.189.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-189-83.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 792c28c5e18d207aa3b37d62042ac7858460f9e34c5bf54c1f9ccb8f15a49b13

Request headers

Accept: */*
Referer: https://player.captivate.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 16:32:00 GMT
Server: nginx/1.20.0
ETag: W/"44-8i/kAHDIMbVILCW+oCaXEw4/iy4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, PUT, PATCH, OPTIONS, DELETE, GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Cache-Control, Content-Type, Accept, Authorization
Content-Length: 68

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FF60 28 B
54 B 58ms
57ms XHR
application/json 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5248e50a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-Goog-Request-Time: 1664469120871
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BixSK3rO-As
X-YouTube-Client-Version: 1.20220927.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgstNnNGbFhEd1F1dyj-kNeZBg%3D%3D
X-YouTube-Ad-Signals: dt=1664469118399&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C850%2C478&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 29 Sep 2022 16:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 29 Sep 2022 16:32:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.email.authentic8.net/	1970-01-20 06:21:10	Name: __cf_bm Value: 9W9pMfieBmI8Mwiy6jz3k73SFEHxFInyGMjqa5StVcg-1664469116-0-AW6LzN1Iv3RW04Jwfx6nwbVtUIbdauyAto6pDQgORtFEkEMWz54itQDrAy19u33/iopgeKkiTXCYBz5q8jBHzn0=
.fonts.net/	1970-01-20 06:21:10	Name: __cf_bm Value: WElqwmvX8U98.q6Jm5Y1ZKGWlH99kCQmy4W8siLkxrk-1664469117-0-AXiw7qj3pRM02MJGKNsnaBftaxc8mSBmYP381XJ4CS9LVErIPUAHXi7IMDVbIGzjhKy1JlR0iSSku1haaRoDUNE=
.silo.authentic8.com/	1970-01-20 06:21:10	Name: __cf_bm Value: nu911C1IQyHmme4QIAWRTNzNekfIb2RwVBktSkyTu3o-1664469118-0-Af11dem8n5DmnHnzw9KFCPIcUG1/bYByMf2WOMUhaPgwBlNjWfkaVDtGSxPmnkjXaTzC+N6XZBlSmL+c9mjt5tg=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: r7oa6OsqX_c
.youtube.com/	1970-01-20 10:40:21	Name: VISITOR_INFO1_LIVE Value: -6sFlXDwQuw
.authentic8.com/	1970-01-20 15:06:45	Name: _biz_uid Value: 5bcfd84f6bc349eac2f65e97eff4ee5e
.authentic8.com/	1970-01-20 06:21:10	Name: _biz_sid Value: 4d58eb
.authentic8.com/	1970-01-20 15:06:45	Name: _biz_nA Value: 1
.authentic8.com/	1970-01-20 08:30:45	Name: _gcl_au Value: 1.1.847351505.1664469118
.bizible.com/	1970-01-20 15:06:45	Name: _BUID Value: 5bcfd84f6bc349eac2f65e97eff4ee5e
.bizibly.com/	1970-01-20 15:06:45	Name: _BUID Value: 8a5cded7fe70e422523c44840ded1a3b
.authentic8.com/	1970-01-20 15:06:45	Name: _biz_pendingA Value: %5B%5D
.authentic8.com/	1970-01-20 15:57:09	Name: _ga_CP3EN5P17J Value: GS1.1.1664469118.1.0.1664469118.60.0.0
.authentic8.com/	1970-01-20 08:30:45	Name: _fbp Value: fb.1.1664469118411.20737324
.authentic8.com/	1970-01-20 15:57:09	Name: _ga Value: GA1.2.1339247888.1664469118
.authentic8.com/	1970-01-20 06:22:35	Name: _gid Value: GA1.2.1425361678.1664469118
.authentic8.com/	1970-01-20 06:21:09	Name: _gat_UA-20720817-9 Value: 1
.authentic8.com/	1970-01-20 15:06:45	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.authentic8.com/	1970-01-20 15:57:09	Name: _mkto_trk Value: id:431-RSM-422&token:_mch-authentic8.com-1664469118490-15365
.doubleclick.net/	1970-01-20 06:21:10	Name: test_cookie Value: CheckForPermission
silo.authentic8.com/	1969-12-31 23:59:59	Name: BIGipServersj26web-nginx-app_https Value: !V9hV7NIXiD5PQHnOF/6EdpB26h7ooB61er3lIbKxQncOB2bwLpWIiDxOqyYXfaIjndkPzP6vAEw7QQ==
.linkedin.com/	1970-01-20 07:04:21	Name: UserMatchHistory Value: AQKPk69CfWM_pAAAAYOKFy59M6V5mCfcNHISr-AS4rcJqBFJPWEK9-qag3FdD5BEvmsCAWvGWFBQzw
.linkedin.com/	1970-01-20 07:04:21	Name: AnalyticsSyncHistory Value: AQKmnRDx53HEKAAAAYOKFy594ZxiPHmtSFSvfL5H_mcVx8W5Uvrk3xalrSrvACd6t35522S87yi_PcBzKabYcw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:06:45	Name: bcookie Value: "v=2&db076cc6-b432-42af-897f-d1bcfbb60639"
.linkedin.com/	1970-01-20 06:22:35	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2404:u=1:x=1:i=1664469118:t=1664555518:v=2:sig=AQEs0OWH3Dw12wweLlNa8ORpFFupD5Jb"
.authentic8.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.authentic8.com/	1970-01-20 15:06:45	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Sep+29+2022+16%3A31%3A58+GMT%2B0000+(GMT)&version=6.38.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.authentic8.com%2Fneedlestack%2Fs1e27-brecht-castel-osint-journalism%3Futm_source%3Demail%26mkt_tok%3DNDMxLVJTTS00MjIAAAGHKQIUsFO_vipI9VC3pCMN6KtCDbaBJYziTx2--kkcSlaNF4zJSf2ilNoVSG2lDy7yECiPGBDM0MqVGTpZaiG8f5WZnEIore0rTfrP7H5PTg&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:06:45	Name: bscookie Value: "v=1&2022092916315858bc02a5-ef4c-4d77-889f-7b13d0796f28AQG8it-FXPmlrjwIJGYl85tFq4JOFF56"
.linkedin.com/	1970-01-20 10:40:21	Name: li_gc Value: MTswOzE2NjQ0NjkxMTg7MjswMjECeBgO6AHz4YE48lsjsnla7Fv5PEcpSE1YL/VwGzP9WQ==
.authentic8.com/	1969-12-31 23:59:59	Name: cebsp Value: 1
.authentic8.com/	1970-01-20 15:06:45	Name: _ce.s Value: v~4e99c5c0e416b6fe5e6bed52ab39af86b60d7f3b~vpv~0~v11.rlc~1664469118980
.t.co/	1970-01-20 15:57:09	Name: muc_ads Value: 9a798960-b2a0-4f5b-a12b-36ae09ada9d5
.twitter.com/	1970-01-20 15:57:09	Name: guest_id_marketing Value: v1%3A166446911919937587
.twitter.com/	1970-01-20 15:57:09	Name: guest_id_ads Value: v1%3A166446911919937587
.twitter.com/	1970-01-20 15:57:09	Name: personalization_id Value: "v1_wx+kj4nVifTBDjDXitRaZQ=="
.twitter.com/	1970-01-20 15:57:09	Name: guest_id Value: v1%3A166446911919937587

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://email.authentic8.net/NDMxLVJTTS00MjIAAAGHKQIUsLkbvIKPUqw66VRWcoGdRaqDor6uiCREqc1yj5_dWPQ2Vq8F4PCyY-5gCnx675OINOI= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-OPg4ekYb2W9nTk1XHmtGsQe4by2DzpfpDV+3zwNvbsw=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

431-rsm-422.mktoresp.com
analytics.twitter.com
api.captivate.fm
api.lever.co
artwork.captivate.fm
assets-tracking.crazyegg.com
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
connect.facebook.net
email.authentic8.net
fast.fonts.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
image.status.io
jnn-pa.googleapis.com
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
munchkin.marketo.net
p.typekit.net
pagestates-tracking.crazyegg.com
player.captivate.fm
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.crazyegg.com
silo.authentic8.com
snap.licdn.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
status.authentic8.com
t.co
tracking.crazyegg.com
use.typekit.net
www.authentic8.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
104.17.73.206
104.17.74.206
104.244.42.5
104.244.42.67
13.107.42.14
13.224.189.40
13.224.189.71
142.250.184.226
151.139.128.11
152.195.15.58
192.28.147.68
199.232.136.157
2001:4860:4802:32::36
205.185.216.10
2600:9000:2204:ca00:7:c19d:4100:93a1
2600:9000:236e:5e00:19:3bcd:f3c0:93a1
2606:4700:4400::6812:2962
2606:4700::6810:9440
2606:4700::6811:e14e
2606:4700::6813:9308
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:803::2016
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2004
2a00:1450:4001:830::200e
2a00:1450:400d:807::2001
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2002
2a00:1450:400e:803::200a
2a00:1450:4025:402::9c
2a02:26f0:3500:16::215:14a0
2a02:26f0:dc::6853:509
2a02:26f0:dc::6853:528
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.120.76.49
44.237.246.197
52.36.157.138
54.189.189.83
54.229.197.178
92.123.8.217
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
03ab51250e083d7fddbdf2cd487bf0b0d3e896a784a07587ef04585dcf61960e
04d69a778c3d73c5df4a59a8256df36064d72ef8e902ac8fbdbd51dd6b9612c5
05384af45b0c2db4015f020338c087b4fc64c1353b7a8fd3f1e94112e010d9ff
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
0bb1d69ea6bbd777da02195e1ad8a88f94d5d420d50201be2a8455b5ebb5d2d3
0e17cbde77014c5439662649c9a847768e743ed8abae03e49299bf9aa24831c7
0e97d882d8bf2d51568428b176e42d1297c48a07edd91cbb0b5099343e7705e5
10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25
11a0c2f74f2a2cc458deead559b05fa6c1fa322972b4b9cbeff40738b1b7a163
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
195369548bc4925a9d7f601ed22ccd80b2a9569f5f4c827d212fa3dd6d94ef79
1ab9da9a2f333457b99e32436cc744587b30d385559522721ed39b539e963a9f
1b27f38e2543c9093abd281dfd9354f97c4efca61ce6d2e339048d449ffbd586
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d486c1e81468de1c2724cfb481101a6fb40a533a21a3e0b163fca9c8ac57310
24a29fbb745ef24f858d96e76daf0c4e52f1af3b41becfd7fae1b143a6e9fec0
24d86f2fe75548a688d6b8a3443b25341d11725b6ab8fdcb81ba313c2788bff1
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2578023f52f9c1461c52ed5893b7f6765fa1a0a689eeae365111df59fa99eef7
27cce2fbcdb44681bf199b6954a088ad20c1a70ffdb76f66d466cb35d7c6bc07
2ad1a3ce85195c70b579486b5b5b7721a42a5613b35e4a96e68a2d95bced9a3a
2c7cf741e90169a8d6413efec2c53d6fadd9987463c4f5d99f0749cc2733ab10
2fee19626251374178b719acf5a9054e775ec7cd3c68438d4722bd0d56da48dd
308ffb0c091fb909d1c759d3d4ff4fa68baf2647d533ee015adfb0756eb291d7
33c7e2eb884267121c2f6de555ab827a6e30aa51f5b26671cb6bb444e5d90e8a
3660e15c764894e47dd639cccb1be2722a7ec4b366c378e7e781c2e5ea0085d0
3be30c09a4c2a44586ae9710ad7c61e5b9e57ba9d24935ad3e6f61aca28b9b06
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4120c62c25cd2f9d7f5155aaf84f772c08e18dd1be19e39ed0d866d3916bedce
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
423d4eec1339448f4aa84c1688615824c45175f0065391df656b16c55ea53474
42b2b9d16fbf8d3c6be72420699360790966e58fe30d8794fd90a71c8aef122d
436a49a751591aa80d97484d2d7fcc2f416d6ff6dd247a8bd675a3087798f304
46e579cc8ebe2772a2448341504de2ff755d7b7826861d02786c2e335e48a46a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ac3537cc63f1ad2b631472037e21dfa41ac9a3fb91f567ba312bb7b1ef55759
4cb545640bf880f86e6c5b3928a15c9a9633577b7fa37032bad6276b84135033
5289eb582a0c24a0f9720c24058f41ec2575268b896406eba59ce4df73b1d932
5336f5fd6572d1469408cb88f7b442f3777fb26c47b36c23001f59ff1a5d8dbe
53386b51cdacd99baec553808a51cb6964b2a6e4b9db4c73d977c3d7311c76b6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57841912f44c2c1b0bf3568a196691d9d5cead8268c04f2e9d1ebfa08bab9d44
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
67bcfbb4f3c8c3a4542f109d71d4acf23a5b2943918bc817d02575a6436f7a80
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c3949442725eb812f10960fee1abc0ce4910738ef3d53b1b57ab0f574d280f1
6c9021e59dd8f84307c3bad8ce443f34824982f6e83eb2604b8bbba41125fad6
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6d76f2d4fad6052afdce657abc9eb2dc8de609ff1a3b2f432880c7022cc3922e
6fe1f080cf179bce85cdeb09ff278006e9f5ce710fbf72b30098b8b1c912ce9a
78752e4cb95a684c918488b2f8a054d3621111baf4c62689a3498d3cb6b05a41
78e5575117bdb9f5560fcdf6ebdcfef7ef1eeaa16de4fe922bab4711784f03b6
792c28c5e18d207aa3b37d62042ac7858460f9e34c5bf54c1f9ccb8f15a49b13
7b954a2b62d40c9d189ff38093a85632aed0641b3e1d8fedbc290aefede6388d
7ca7fcdda95d5a69148f4b1cc790563f27f9785cc89ac26aa722da50bd38dfc7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
803c2c4c666eac0c802576aa2948d49c70c0fba8cebc295e95a3255cdff5354a
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b0ee7225ad88345a88cfb755b77a6b4741c45e7a1933f92a7345fc06c314e76
8b32ecaefdb46554be1d9922139999f06e9ac0c00749fd1331256c7b304c523c
8bd0fa3d52f071c8545a0402cbe8fd22ed5138dc0374b285804a634a893b088a
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
96eb5b83dff548a3c0239f8b5fb954c4e2cf8436798a2a7fcab50f9283713f2a
984da40aebf4ab5fed766e400e7137a59d26154ea4cf9a28e0c321401e90e6dd
9be852406bdc157410ad62a3b8c036f6dbafc0aa189ea33aedb2662200afc6d0
9c1891f73f3ed4d8ebb227bf01630b986fbf347cbc9e977e75f89fc7f8dcc094
9c691eef5f1466c0589ffe91dfb84c9e3ae3be372cf40569e4f18543b8d6c563
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a11c7a3725a346d42daa4378c3ba47741b55bb3e6c63497e54e917654e2acdbd
a1566394c2a3743b98985b73a69308be711fceab866f01a08f5a79c67ce7663c
a785c237b04f286b58bf2a1a00defb8ca716c5217fd81f71d858bb0c877f24be
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b121a48e515e4f94f1890a3f3384f953fe2ea86d5e8f305855e5ae7075a78e56
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6a633dbf42e630b45247bb202c603b88cbb2b2bcdbabc3bf5ce5f53d1456f29
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bc74917392d03721af9463206e4f033d6f77d1b2af9a1ce9b64fd30f0171b91c
be325f69619aa971a189dc8399a025b5464e58ef1e658e32a0f2a13ff0eac3a9
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
cbc6ccbc283e27f01d41ccbdcbd9acf7151c33f95214f7e7dee6f7a6dd077e26
ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d09ae0b29cdd9b6718cdab21d5a4b96a25aca4797e67fb3397652b1a26cf77ff
d2c538abc52d2e8ee0b1e0ed2c75059c1856c184ae87c3931210fb890c64a689
d3da04882389816898551d378170f0e7c1e84e69168b600115bee5505c4db767
d408bc1816b61306ec9c3f936a965f0bb1cf5043175be3b0dc4ecfe6ec14ae50
d588e51adbf2a8bd146b84473600647d7c95a5efa7f7f7775592bb20801661e6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbb63b2098c70687e1ecd9cd89361b212c06c5fdd8c932e8538d1f25bb57a229
dc3e30d73c7337791da10df2b7f777ad0f1158f0a9cc11e8f30da41e6bf131b7
dd4eaaf83e3c26f8fb190da2ed0210200a1125554f3e69ba8e39e1437eec6022
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e11a859a46bb9144653d48567c17c2873f732e69f4f4b81b9c3809a6d19622f2
e367234c9dc9a134df1a9a192c4037c239744d1894ab507fe3462ea597aec993
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bfbb076c955bce43985fad0dfbce33bbe1b96de23408ba678bf53380638ca0
e9371bb7cebed0ecdd965a85f4e1100561b9a8943c9197b5a09f27aafe1657b0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee78afa1b3c3e2aaf086a76eece62e870a7aa55cd267af644b31b2e23cf33262
eeb019dbff2eb6f67c58b9ba8bfaba26a12fa8215e7bc89c35a02ecabb5092fc
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f125605f3dcc16406bfe126890d6af261d57c95cb026f40667e08a3ea0181b36
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f56a8b39c0aec31478b0553fb94c8ab2a53edb6bb934530c33d88d47c3c44c75
f66f3eb40dc841ff138652d06134d9532130782bf247dd3c4e0d1709b29839f6
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fdd57bce597618d68724ebe6aaf4f153bee609f407dec513835ec6b0390c050d
ff74505c6a3510a7ceaa4cfa8ce1472acf8ccd354f80caa0556804e7253cb495

www.authentic8.com Open in urlscan Pro 34.120.76.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

97 %HTTPS

59 %IPv6

33 Domains

48 Subdomains

46 IPs

6 Countries

2710 kBTransfer

7911 kBSize

38 Cookies

18 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.authentic8.com Open in urlscan Pro
34.120.76.49 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

97 %
HTTPS

59 %
IPv6

33
Domains

48
Subdomains

46
IPs

6
Countries

2710 kB
Transfer

7911 kB
Size

38
Cookies

134 HTTP transactions
2 data transactions