www.westword.com Open in urlscan Pro
172.67.72.250 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Submission: On September 30 via manual (September 30th 2021, 4:14:21 pm UTC) from IN — Scanned from DE

Summary HTTP 131 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 33 domains to perform 131 HTTP transactions. The main IP is 172.67.72.250, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.westword.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 27th 2021. Valid for: a year.

This is the only time www.westword.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	172.67.72.250 172.67.72.250	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
2	13.225.87.46 13.225.87.46	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	13.225.85.149 13.225.85.149	16509 (AMAZON-02) (AMAZON-02)
1 2	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	13.224.193.29 13.224.193.29	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
5	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
5	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
8	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
2	209.104.5.204 209.104.5.204	22772 (LOGIN) (LOGIN)
2	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
1	35.167.53.177 35.167.53.177	16509 (AMAZON-02) (AMAZON-02)
1	13.224.190.164 13.224.190.164	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.190.88.7 35.190.88.7	15169 (GOOGLE) (GOOGLE)
2	54.208.153.186 54.208.153.186	14618 (AMAZON-AES) (AMAZON-AES)
1	104.22.9.88 104.22.9.88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.193.27 13.224.193.27	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
1	3.232.164.179 3.232.164.179	14618 (AMAZON-AES) (AMAZON-AES)
1 5	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
2	216.58.212.173 216.58.212.173	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1 3	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
7	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	44.241.125.95 44.241.125.95	16509 (AMAZON-02) (AMAZON-02)
1	34.216.108.96 34.216.108.96	16509 (AMAZON-02) (AMAZON-02)
1 1	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1 9	52.35.10.191 52.35.10.191	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	52.213.161.66 52.213.161.66	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
2	13.225.87.62 13.225.87.62	16509 (AMAZON-02) (AMAZON-02)
1	35.84.44.29 35.84.44.29	16509 (AMAZON-02) (AMAZON-02)
1	157.240.236.12 157.240.236.12	32934 (FACEBOOK) (FACEBOOK)
5	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
2	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	54.195.66.206 54.195.66.206	16509 (AMAZON-02) (AMAZON-02)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	52.201.77.148 52.201.77.148	14618 (AMAZON-AES) (AMAZON-AES)
2	13.224.193.37 13.224.193.37	16509 (AMAZON-02) (AMAZON-02)
1	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	34.215.192.98 34.215.192.98	16509 (AMAZON-02) (AMAZON-02)
131	51

20 172.67.72.250 (United States)

ASN13335 (CLOUDFLARENET, US)

www.westword.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-46.fra2.r.cloudfront.net

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-29.fra2.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.104.5.204 (Arivaca, United States)

ASN22772 (LOGIN, US)
PTR: fdncms.com

media1.fdncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.53.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-53-177.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.190.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-164.fra2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.88.7 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.208.153.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-153-186.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.9.88 (None, )

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-27.fra2.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.164.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-164-179.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.236.35 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.173 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f173.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.125.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-125-95.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.108.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-108-96.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.87 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.35.10.191 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-10-191.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.161.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-161-66.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-62.fra2.r.cloudfront.net

api-location-prd.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.84.44.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-44-29.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.236.12 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-atlas-shv-02-frx5.facebook.com

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.66.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-66-206.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.77.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-77-148.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-37.fra2.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.192.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-192-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	westword.com www.westword.com	2 MB
12	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	17 KB
12	adnxs.com 1 redirects acdn.adnxs.com ib.adnxs.com ams1-ib.adnxs.com cdn.adnxs.com secure.adnxs.com	104 KB
11	doubleclick.net 3 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	157 KB
9	gstatic.com fonts.gstatic.com ssl.gstatic.com	175 KB
8	google.com 1 redirects apis.google.com accounts.google.com www.google.com adservice.google.com	57 KB
6	pushnami.com api.pushnami.com trc.pushnami.com psp.pushnami.com	63 KB
5	stripe.com js.stripe.com q.stripe.com m.stripe.com	64 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	googlesyndication.com 15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	16 KB
5	facebook.com 1 redirects www.facebook.com	284 B
5	facebook.net connect.facebook.net	391 KB
5	google-analytics.com www.google-analytics.com	41 KB
5	pelcro.com js.pelcro.com www.pelcro.com api-location-prd.pelcro.com	174 KB
4	adsrvr.org 2 redirects js.adsrvr.org match.adsrvr.org insight.adsrvr.org	4 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	stripe.network m.stripe.network	17 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	625 B
2	bugsnag.com sessions.bugsnag.com	140 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	fdncms.com media1.fdncms.com	212 KB
2	connatix.com 1 redirects cd.connatix.com cds.connatix.com	234 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	atdmt.com cx.atdmt.com	571 B
1	mathtag.com 1 redirects sync.mathtag.com	651 B
1	contextweb.com 1 redirects bh.contextweb.com	423 B
1	aufp.io aufp.io	3 KB
1	adnxs-simple.com crcdn01.adnxs-simple.com	94 KB
1	chartbeat.net ping.chartbeat.net	201 B
1	quantcount.com rules.quantcount.com	611 B
1	chartbeat.com static.chartbeat.com	14 KB
131	33

	Domain	Requested by
20	www.westword.com	www.westword.com
9	ids.ad.gt	1 redirects www.westword.com
8	fonts.gstatic.com	fonts.googleapis.com
7	ams1-ib.adnxs.com	www.westword.com cdn.adnxs.com
6	securepubads.g.doubleclick.net	1 redirects www.westword.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.facebook.com	1 redirects js.pelcro.com www.westword.com
5	connect.facebook.net	www.westword.com connect.facebook.net
5	www.google-analytics.com	www.westword.com www.google-analytics.com js.pelcro.com
3	js.stripe.com	js.pelcro.com js.stripe.com
3	cm.g.doubleclick.net	2 redirects www.westword.com
3	www.google.com	1 redirects www.westword.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	psp.pushnami.com	js.pelcro.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	tpc.googlesyndication.com	www.westword.com securepubads.g.doubleclick.net
2	api-location-prd.pelcro.com	js.pelcro.com
2	dpm.demdex.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cdn.adnxs.com	acdn.adnxs.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	trc.pushnami.com	js.pelcro.com
2	sessions.bugsnag.com	js.pelcro.com
2	media1.fdncms.com	www.westword.com
2	apis.google.com	www.westword.com apis.google.com
2	platform.twitter.com	www.westword.com platform.twitter.com
2	api.pushnami.com	www.westword.com api.pushnami.com
2	cdn.jsdelivr.net	www.westword.com
2	js.pelcro.com	www.westword.com js.pelcro.com
2	fonts.googleapis.com	www.westword.com securepubads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	q.stripe.com	www.westword.com
1	insight.adsrvr.org	js.adsrvr.org
1	googleads.g.doubleclick.net	www.westword.com
1	cx.atdmt.com	www.westword.com
1	pixels.ad.gt	p.ad.gt
1	ssl.gstatic.com	accounts.google.com
1	15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	secure.adnxs.com	1 redirects
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	crcdn01.adnxs-simple.com	acdn.adnxs.com
1	syndication.twitter.com	platform.twitter.com
1	pixel.quantserve.com	www.westword.com
1	ping.chartbeat.net	www.westword.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	www.pelcro.com	js.pelcro.com
1	ib.adnxs.com	acdn.adnxs.com
1	static.chartbeat.com	www.westword.com
1	a.ad.gt	www.westword.com
1	secure.quantserve.com	www.westword.com
1	acdn.adnxs.com	www.westword.com
1	cds.connatix.com	www.westword.com
1	cd.connatix.com	1 redirects
1	js.adsrvr.org	www.westword.com
131	60

This site contains links to these domains. Also see Links.

Domain
www.voicemediagroup.com
www.phoenixnewtimes.com
www.browardpalmbeach.com
www.dallasobserver.com
www.houstonpress.com
www.miaminewtimes.com
www.couponscaptain.com
vitamin-ha.com
bit.ly
adindex.westword.com
www.facebook.com
instagram.com
twitter.com
publishwithfoundation.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-27` - `2022-09-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.pelcro.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-10` - `2021-10-08`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
media.fdncms.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-07-10` - `2021-10-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Frame ID: A7ED49D1AB8294AF1F564823871FD1AA
Requests: 86 HTTP requests in this frame

Frame: https://cds.connatix.com/p/130993/connatix.playspace.dc.js
Frame ID: 011AA19F046CB429DF2BC452822B7AA0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.westword.com
Frame ID: 39F0BEA8F62A7DB72A157D3C787CBC0C
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 2DBEAC2CD62CCE84BDE84AB97E3F044E
Requests: 3 HTTP requests in this frame

Frame: https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QLKBHxKAgAAAwDWAAUBCNbE14oGELGc6YWS6sf7DRgAKjYJAA0BABENCAQAGQEJENej4D8hAQkBAQApAQUBAfRpATEAAABA4XrEPzCQ4L0KOMNGQMNGSABQAFjYvFpgAGiogXR4w5AFgAEBigEAkgEDVVNEmAEBoAEBqAEBsAEAuAEAwAEAyAEA0AEA2AEA4AEA8AEA2AIA4AKf8FrqAlxodHRwczovL3d3dy53ZXN0d29yZC5jb20vc3RvcnlodWIvYmx4YnVkcy1yZXZpZXdzLXNjYW0tb3ItbGVnaXQtaXMtYmx4LWJ1ZHMtd29ydGgteW91ci1tb25leYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7wZ4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQPMjE2LjEzMS4xMTQuMTY4qAQAsgQOCAAQARgAIAAoADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAIW4Q2gYWChABCS4BAGAQABgA4AYA8gYCCACABwGIBwCgBwC6Bw8IBRpAIAAwADi_BkAAyAfDkAXSBw013wE4CNoHBgknPOAHAOoHAggA8Afo1wL6BxIVJlUFBIIIShUA&s=1920ec2a2d5351cba2acab2069a2cec25a5e8600&bdref=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money,https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&
Frame ID: AF4AC97B349AAF4AE8B9B5038B550EA0
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DB7F2C000D4BE78F4FD8567E1469E325
Requests: 25 HTTP requests in this frame

Frame: https://15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6DDC186A4B093117FE96233F275E25FF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&upid=07ypglr&upv=1.1.0
Frame ID: 5392FC71D2A14BC447EE5F5C58815C67
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 2EA7D67AC4A39809317BB57FD58668CC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: BE5D33F60D513A5B369AA319E8E767AA
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 625CFFE55B3D7A543A068E5EBB3DD0A5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BLXBuds Reviews (Scam or Legit) - Is BLX Buds Worth Your Money?

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

131
Requests

99 %
HTTPS

0 %
IPv6

33
Domains

60
Subdomains

51
IPs

6
Countries

4615 kB
Transfer

14635 kB
Size

52
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.voicemediagroup.com/
Title: Voice Media Group

Search URL Search Domain Scan URL

URL: https://www.phoenixnewtimes.com/
Title: Phoenix New Times

Search URL Search Domain Scan URL

URL: https://www.browardpalmbeach.com/
Title: New Times Broward-Palm Beach

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/
Title: Dallas Observer

Search URL Search Domain Scan URL

URL: https://www.houstonpress.com/
Title: Houston Press

Search URL Search Domain Scan URL

URL: https://www.miaminewtimes.com/
Title: Miami New Times

Search URL Search Domain Scan URL

URL: https://www.couponscaptain.com/
Title: Coupons Captain

Search URL Search Domain Scan URL

URL: http://vitamin-ha.com/Buy/BLXBuds
Title: Visit the Official BLXBuds Earbuds Website For Nearly 50% Off Retail Price

Search URL Search Domain Scan URL

URL: https://bit.ly/3ijnGP3
Title: This Week's Issue

Search URL Search Domain Scan URL

URL: https://adindex.westword.com/classifieds
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.facebook.com/denverwestword

Search URL Search Domain Scan URL

URL: http://instagram.com/denverwestword

Search URL Search Domain Scan URL

URL: https://twitter.com/denverwestword

Search URL Search Domain Scan URL

URL: https://publishwithfoundation.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/130993/connatix.playspace.dc.js

Request Chain 67

https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=2039949226 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 74

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&adnxs_id=7274894583155433016

Request Chain 75

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=3a22df4a-f91d-4421-aff3-d70de5cc5686&id=0f32fa9d-7198-4613-83f8-b7bc28386656

Request Chain 76

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=F1AEF9B1-E3CB-4DB0-BE84-730EF7C32B15&id=0f32fa9d-7198-4613-83f8-b7bc28386656

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=0f32fa9d-7198-4613-83f8-b7bc28386656&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&google_error=15

Request Chain 78

https://ids.ad.gt/api/v1/g_hosted?id=0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MGYzMmZhOWQtNzE5OC00NjEzLTgzZjgtYjdiYzI4Mzg2NjU2

Request Chain 79

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=0f32fa9d-7198-4613-83f8-b7bc28386656&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=0f32fa9d-7198-4613-83f8-b7bc28386656&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=45348054983310243121754623951852592200&id=0f32fa9d-7198-4613-83f8-b7bc28386656

Request Chain 80

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=BEmP22HPMgu2&ev=1&pid=562316&id=0f32fa9d-7198-4613-83f8-b7bc28386656

Request Chain 81

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=33766155-e257-4d00-8f8c-c8f045920422&id=0f32fa9d-7198-4613-83f8-b7bc28386656

Request Chain 100

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&rl=&if=false&ts=1633018455727&cd[partner_id]=322&cd[tagger_id]=08e506d4afbf1dfb64a974e797ebb470&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633018455405.1535608912&it=1633018454951&coo=false&tm=1&exp=p1&rqm=GET HTTP 302
https://cx.atdmt.com/?c=10223614575716800394&f=AYyio3Veh2p78S2bIwdLIcQgIObnKUuqMDgV6l0HPfYCKOy5R-yQGgXE1QwrzayF6pWLstpgXEtnXgRkF43v6eLq&id=1853083501571805&l=3&v=0

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

131 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money Show response
www.westword.com/storyhub/ 91 KB
20 KB 827ms
774ms Document
text/html 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a2392c64018794b7a9c85180eacdebc6457b7e852105ccd92b926abba1be99c

Request headers

:method: GET
:authority: www.westword.com
:scheme: https
:path: /storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 30 Sep 2021 05:57:43 GMT
x-dn-cache-control: max-age=93600
cache-control: max-age=300, s-maxage=900
x-gyrobase-publication: den
vary: Host,Accept-Encoding
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZfCTvzOCNIyYJYbIaYvXWCx101mMPFL%2FqrnT2PO6rBeJe5it%2FOpzxpap6zz1%2BGW9ryeQf9mvia2gtPtvh8pj1nfGCSy%2B1QPt17BpmlJqzZvey0B5IGTNiz2xXHTtctuttc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696ebe358c24f9de-PRG
content-encoding: br

GET
H2 200 desktop.css
www.westword.com/fdn-system/assets/pub/styles/ 742 KB
93 KB 44ms
43ms Stylesheet
text/css 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87537ab1c7129d0dba8d97195cf16c52600abbbe587d778f8a6d7baf920bd02

Request headers

:path: /fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29454
cf-polished: origSize=967211
cf-bgj: minify
last-modified: Thu, 30 Sep 2021 01:36:28 GMT
server: cloudflare
etag: W/"ec22b-5cd2c79b95f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0chuKgrznyMsALvlhSMbxiGc7SI9aUXvYTEAHVdQoeSKzVBWsVLbyhNuY0O%2BILhMQRtoIBq8tp1sYnyCIjMeaqR00OSR7mB1U4pNcrvpNwgmwq2YDHdHyvLJmg5ceGgFSXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fc2f9de-PRG
expires: Sun, 03 Oct 2021 06:00:04 GMT

GET
H2 200 uikit.js Show response
www.westword.com/fdn-system/assets/pub/scripts/ 186 KB
53 KB 30ms
30ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/fdn-system/assets/pub/scripts/uikit.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb64345d71f4c06846abe03f864274565b24fea10d791e4d20ba60b0963076d

Request headers

:path: /fdn-system/assets/pub/scripts/uikit.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244099
cf-polished: origSize=339756
cf-bgj: minify
last-modified: Mon, 27 Sep 2021 20:19:23 GMT
server: cloudflare
etag: W/"52f2c-5ccffd01028c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdoQi%2F2Owl33LtQ9nEXIinHltI10aRzx9%2Fk4nnS2a1%2BzMxTV%2BZboC9RWhF5E%2FjsWBZMEWjkq0qgcqGQecvh24BHQY6kNqFXwQDdt%2BGNldPRD3f0x7s2QPTE6f%2Bwdbxoi4wM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fc4f9de-PRG
expires: Thu, 30 Sep 2021 20:21:22 GMT

GET
H2 200 uikit-icons-fdn.js Show response
www.westword.com/fdn-system/assets/pub/scripts/ 231 KB
85 KB 43ms
43ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/fdn-system/assets/pub/scripts/uikit-icons-fdn.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 954e9241dcd1269c38f5260b6adabdec38b82f7e50fcc891acc296023064ddff

Request headers

:path: /fdn-system/assets/pub/scripts/uikit-icons-fdn.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244099
cf-polished: origSize=238436
cf-bgj: minify
last-modified: Mon, 27 Sep 2021 20:19:23 GMT
server: cloudflare
etag: W/"3a364-5ccffd01028c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdbVcj3jVIJ%2BONJgmxCeZSW%2FN1HS9%2BXafI678ZBxfc1OBPnJVcelERiuKrc%2BlNVDCYjIr5M1LRd4EuhybK2iWmPx%2FysBpMx%2FP1%2FFoozM4QaD20DBL%2FNg6LRaGGkLf2gJ%2BX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fc5f9de-PRG
expires: Thu, 30 Sep 2021 20:21:22 GMT

GET
H2 200 brands.min.js Show response
www.westword.com/foundation/fontawesome/js/ 437 KB
189 KB 60ms
56ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/fontawesome/js/brands.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5

Request headers

:path: /foundation/fontawesome/js/brands.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
server: cloudflare
age: 244097
etag: W/"6d592-5bb8e808c9400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhzNyFSSYPOiITF219%2F66bi0Vx9u04V6k%2BuISSDQlBf2joiGZQyiplewyaLeDN3odcPhoHDlmG%2B7cplJxHmNgeBb0PZOuNW9QycSwqV6NjUDCKKdMCvMtgHcr7LE%2BDMJ3VU%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b1f9de-PRG
expires: Thu, 30 Sep 2021 20:21:22 GMT

GET
H2 200 solid.min.js Show response
www.westword.com/foundation/fontawesome/js/ 1 MB
344 KB 59ms
56ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/fontawesome/js/solid.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c

Request headers

:path: /foundation/fontawesome/js/solid.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
server: cloudflare
age: 244097
etag: W/"116b58-5bb8e808c9400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6W1NOgHInzjXfSEYwPAoHi9vRbboJmuSH0cHi5%2F9bNP6BbAxHVLMEnSR32eYpSY0R82EDqprNAesa5Ra996bQl3exdOpBp%2FQ93en0PlgisJamPCbQKrBJouZpUkywqO29Q%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b2f9de-PRG
expires: Thu, 30 Sep 2021 20:21:22 GMT

GET
H2 200 regular.min.js Show response
www.westword.com/foundation/fontawesome/js/ 1 MB
442 KB 59ms
56ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/fontawesome/js/regular.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689

Request headers

:path: /foundation/fontawesome/js/regular.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
server: cloudflare
age: 244097
etag: W/"155d35-5bb8e808c9400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8%2BdWdbVluiHKTGpZfLD4jnzVxI%2F5sbzt9q6TjmUWEC6NiVy6UVlDvw0rpx6lP%2FtExhrHWakJTdXoJbVbsT7auZUFQpAshQSTB%2BxXNIHMJ4v786TTi9qtY0uQmTThmqCGmA%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b3f9de-PRG
expires: Thu, 30 Sep 2021 20:21:22 GMT

GET
H2 200 fontawesome.min.js Show response
www.westword.com/foundation/fontawesome/js/ 36 KB
13 KB 28ms
26ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/fontawesome/js/fontawesome.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb

Request headers

:path: /foundation/fontawesome/js/fontawesome.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
server: cloudflare
age: 244097
etag: W/"91a7-5bb8e808c9400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhbTuXgocMgFa2k4v7NxW%2FdgivWDl3sLNEo6JYDHhakG%2BaPUdWzHVjrwx7okF6xC2hnH%2FxrbObUTQp2tLKZpIJqdUUHIZkDLwnAeMYMxNjcCrthcXLNnRjESf0nFRhzZfM4%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b4f9de-PRG
expires: Thu, 30 Sep 2021 20:21:26 GMT

GET
H2 200 light.min.js Show response
www.westword.com/foundation/fontawesome/js/ 1 MB
492 KB 43ms
40ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/fontawesome/js/light.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c

Request headers

:path: /foundation/fontawesome/js/light.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
server: cloudflare
age: 244097
etag: W/"17be80-5bb8e808c9400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5MQY5zjaraP3FJ3MDyvJLu2oo6TdTf3O36aX13i30xkezzsV94Bu19vkky3qzCF15eFlGEdzlqy174TQD%2B7ShsomFEE9K7sB8AzCB4o2Ix%2F2mEQgctolxoiRYbIXk77SpM%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b5f9de-PRG
expires: Thu, 30 Sep 2021 20:21:27 GMT

GET
H2 200 duotone.min.js Show response
www.westword.com/foundation/fontawesome/js/ 1 MB
355 KB 47ms
44ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/fontawesome/js/duotone.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e

Request headers

:path: /foundation/fontawesome/js/duotone.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
server: cloudflare
age: 244097
etag: W/"12d01e-5bb8e808c9400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhgkmowIri28Xh%2F%2BQejBWzK7mPu%2F%2F%2BhSiHannRherRUCKjfkuF9h4dnRBoypdbkJ67eT3%2BvoXq%2BGTF0%2Fn%2BBtiCX%2FoLfE2jZpTNGMFdInGeHy31ZtZ4cRrl53wZfnoh2rGbM%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b6f9de-PRG
expires: Thu, 30 Sep 2021 20:21:27 GMT

GET
H2 200 common.js Show response
www.westword.com/foundation/scripts/ 214 KB
71 KB 43ms
42ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/scripts/common.js?cb=d7f82a81e2d7abbb123bbd141e3dd80a
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb6be382fc0265c274be5e74b0daa523ced214f6edb94616b974411a8a62b4b

Request headers

:path: /foundation/scripts/common.js?cb=d7f82a81e2d7abbb123bbd141e3dd80a
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29454
cf-polished: origSize=219751
cf-bgj: minify
last-modified: Thu, 21 Jan 2021 23:30:12 GMT
server: cloudflare
etag: W/"35a67-5b97173fda900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjsG62ldblCS%2BxEYQK%2B3ha75DT59WF%2FGPilNVvQBj6klCSrehOYpKTsXo%2BvCTE%2FqR%2ByVGEZLGlOxU7rgw%2BolbkBYMWRFyeoxzZuYQnkPeLlGDU6hSjRXCLAA09sNlUWqa6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fc7f9de-PRG
expires: Sun, 03 Oct 2021 06:00:04 GMT

GET
H2 200 foundation-air.js Show response
www.westword.com/foundation/scripts/ 786 KB
226 KB 43ms
43ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/foundation/scripts/foundation-air.js?cb=d7f82a81e2d7abbb123bbd141e3dd80a
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23b89b99b70efd3ae455b60bbf63a6dfc26b21e84656adebe0c7c5aa8eaa1c0

Request headers

:path: /foundation/scripts/foundation-air.js?cb=d7f82a81e2d7abbb123bbd141e3dd80a
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29454
cf-polished: origSize=806043
cf-bgj: minify
last-modified: Mon, 09 Aug 2021 19:19:59 GMT
server: cloudflare
etag: W/"c4c9b-5c925456875c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4aZ6KCJPbyYrn%2F8fsjNhWl1jb0q0O46Ko57bAmXfQE%2Fdb0ic8aN3PWPU2Uaybtp3YjIt4ISc73CLerOcBEofi%2BH3kHMEXrXoL2Cs3JSCKoUF5Cxq2Tv%2FLT9M%2F%2BwTsRTkP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fc8f9de-PRG
expires: Sun, 03 Oct 2021 06:00:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 68ms
27ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;700&family=Roboto+Condensed:wght@300;400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

f217bbae5732034eaf08f67f2c4ce3d6ab6f8cfb6c178a30521ea0a0ece9b11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 16:11:26 GMT
server: ESF
date: Thu, 30 Sep 2021 16:14:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 16:14:14 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 264 KB
67 KB 59ms
7ms Script
text/javascript 13.225.87.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557cbf5d2d2979926354eca107f2156e627889e3e98ada83e9308726e61a7bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:55:08 GMT
content-encoding: br
last-modified: Tue, 21 Sep 2021 07:52:22 GMT
server: AmazonS3
age: 1184
etag: "d75e22d9de1ddd13dcbb2760267133c1"
x-edge-origin-shield-skipped: 0
content-type: text/javascript; charset=utf-8
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 68127
x-amz-cf-id: QHtwTO_xMKnZD6Y9Wey-lBcqEPuTl83Xrqz9Tfx8vgzTEqf--xBq_A==

GET
H2 200 ResizeSensor.js Show response
www.westword.com/fdn-system/assets/pub/scripts/ 5 KB
2 KB 26ms
26ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/fdn-system/assets/pub/scripts/ResizeSensor.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd55acbe373b8ce45a4ca931775510a3dfa9fd40ec8505ae7291feb7b0b62575

Request headers

:path: /fdn-system/assets/pub/scripts/ResizeSensor.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244099
cf-polished: origSize=10104
cf-bgj: minify
last-modified: Mon, 27 Sep 2021 20:19:23 GMT
server: cloudflare
etag: W/"2778-5ccffd01028c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExnQyFBCblJZwIBOxTjJqyoewtPv3f6fIXjniscnnb26yz9IN5h6O7GovLudgE%2FNW7odjFb6j9SR4ExCzqlHAkepZHqQkseBZAN2exRL6RLVJuhygXBhkG%2FJG%2FkWxp6BeqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fc9f9de-PRG
expires: Thu, 30 Sep 2021 20:21:30 GMT

GET
H2 200 ElementQueries.js Show response
www.westword.com/fdn-system/assets/pub/scripts/ 10 KB
3 KB 27ms
27ms Script
application/x-javascript 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/fdn-system/assets/pub/scripts/ElementQueries.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398dc6dbd96011b1221e4ae2d74302edf250d806c06bc696701a2dcb63d331ba

Request headers

:path: /fdn-system/assets/pub/scripts/ElementQueries.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244099
cf-polished: origSize=20253
cf-bgj: minify
last-modified: Mon, 27 Sep 2021 20:19:23 GMT
server: cloudflare
etag: W/"4f1d-5ccffd01028c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKu1FoMub2jVnphtYfvGPF81K%2Fr7uUhMWYPtHETgZrwjcgJiCELChRFzub%2Bx3a1rSz8lNeTUfijevk4nOYoKaraDGJ0lNS3eCWQxItXozA3bGZmGCHrLGnhY9wnc4XzQ5B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 696ebe3a8fcaf9de-PRG
expires: Thu, 30 Sep 2021 20:21:31 GMT

GET
H2 200 den-main-logo.png
www.westword.com/images/ 11 KB
12 KB 25ms
23ms Image
image/png 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.westword.com/images/den-main-logo.png
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba2ced9f2c1f257195ebcb6d968f122be0d3fbd042fb1b7e66d256a9cda09d3

Request headers

:path: /images/den-main-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244097
content-length: 11449
last-modified: Wed, 23 Jun 2021 21:53:36 GMT
server: cloudflare
etag: "2cb9-5c575f03e1800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HGK3Qw47LHs0KXvBGUYwN0ytP2zEYsw97KTa0m8uYpYdxNBq5AX4UKHMJXZI4dZntx95%2BtM%2Bi4eoG6Uo9knjDFGS6dwa534uTvYBS2em2jGBXTdnReclrXQoHhIvDNsMVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-dn-cache-control: max-age=2419202
accept-ranges: bytes
cf-ray: 696ebe3bc8b8f9de-PRG
expires: Mon, 25 Oct 2021 20:21:37 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 22ms
6ms Stylesheet
text/css 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2820
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1299
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by: cache-fra19143-FRA
x-jsd-version-type: version
date: Thu, 30 Sep 2021 16:14:14 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 7ms
7ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2820
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6756
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by: cache-fra19143-FRA
x-jsd-version-type: version
date: Thu, 30 Sep 2021 16:14:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 PoweredByFoundation.svg
www.westword.com/images/ 20 KB
8 KB 26ms
25ms Image
image/svg+xml 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.westword.com/images/PoweredByFoundation.svg
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73eb3a275137c862b8aede37f767fb8878199c38388c804d40811205fb3b396

Request headers

:path: /images/PoweredByFoundation.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.westword.com
referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 19:54:03 GMT
server: cloudflare
age: 3121
etag: W/"515e-5c8d547dfecc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6H%2BYXmpSsJSuC4bu6plhohQCAGY%2FLtjgOSXstNQKxGPZB7Lj6DkI8EsuFCad6d1jHzX5hNq1mMNueZ0kwYVJlpqF6y5eiBiqDr1%2BPSMXkkBasggLScftuHBZ%2Bo%2FkZiDkWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3bc8b9f9de-PRG

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 38ms
7ms Script
application/x-javascript 13.225.85.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 17:40:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 81245
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/x-javascript
Via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: uSXQ0QHwDciV0fXK8cmUjGDenowyPAvKttEbXX-4365Qs1iRsLUMsw==

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/130993/ Frame 011A
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/130993/connatix.playspace.dc.js

1 MB
234 KB

13ms
6ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/130993/connatix.playspace.dc.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 415c2848aa4a274a1e80af7986607cd96b1a43c198978a97a639e258f0b195b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
last-modified: Wed, 29 Sep 2021 08:45:12 GMT
age: 101793
etag: "6829c49f4ccc11939e7105ce13c57063"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 239640

Redirect headers

location: https://cds.connatix.com/p/130993/connatix.playspace.dc.js
date: Thu, 30 Sep 2021 16:14:14 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 60bf73dba4d9510011da24c7 Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 254 KB
61 KB 51ms
21ms Script
application/javascript 13.224.193.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/60bf73dba4d9510011da24c7
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-29.fra2.r.cloudfront.net
Software: /
Resource Hash: 7695feb46c048dd3913799f3c10f10370f4061341634c109ae4f267752183203

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:13:53 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
age: 21
vary: accept-encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
x-amz-cf-id: 0Sm3vm0je-9H6_WxCdFUkU9RY1ea09Uh2eRPpBZCuk0cEO-WRuICWA==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 89 KB
31 KB 35ms
6ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 20de6d868da34f858f29c591051e6a090968af31da2519ea6ea28183e41430a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:14 GMT
Content-Encoding: gzip
Age: 82039
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 31390
X-Served-By: cache-lga21964-LGA, cache-hhn4073-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 28 Sep 2021 17:11:43 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1633018454.384616,VS0,VE0
ETag: W/"61534ccf-16237"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 29 Sep 2021 17:26:54 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 3, 54408

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 30ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4934
date: Thu, 30 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 30 Sep 2021 16:52:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 65ms
7ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1127
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28872
x-tw-cdn: VZ
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6725)
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.westword.com
URL: https://www.westword.com/foundation/scripts/foundation-air.js?cb=d7f82a81e2d7abbb123bbd141e3dd80a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

42b4eb7693522f770247be97697ee3a27358daf6773ee69c62c6066a75f0c78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: owVcTR/8uj8RQViFeaQFpw==
cross-origin-resource-policy: cross-origin
expires: Thu, 30 Sep 2021 16:34:09 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: azeDYXtBVJdiy825HFxicDwiuggd/O2ll3VuTFtqJm/wI/Rnuo7tXKOUlb5beFCqC1mvexY6Q8CE+EaFlSOtnQ==
x-fb-trip-id: 917726464
x-fb-content-md5: 507c54dbc31d3c28d58dfdff313b9c6f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 30 Sep 2021 16:14:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9df37df5868a91ca068f55b4f00737a5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 61ms
32ms Script
application/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.westword.com
URL: https://www.westword.com/foundation/scripts/foundation-air.js?cb=d7f82a81e2d7abbb123bbd141e3dd80a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OlvvVvtVky5IqkBHNhrBiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-OlvvVvtVky5IqkBHNhrBiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Thu, 30 Sep 2021 16:14:14 GMT

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c52965e97e25fc384a2d740f9b558186a6da55dafa480fdae5f29225b9721dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 avalon-bold-fdn.woff
www.westword.com/styles/fonts/ 27 KB
27 KB 34ms
31ms Font
application/font-woff 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/styles/fonts/avalon-bold-fdn.woff
Requested by: Host: www.westword.com
URL: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131911bf220ea99b0c5cb656841224dba94da7314169f3069ccac0815bc9e0df

Request headers

:path: /styles/fonts/avalon-bold-fdn.woff
pragma: no-cache
origin: https://www.westword.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.westword.com
referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 19:54:57 GMT
server: cloudflare
age: 244097
etag: W/"6aa8-5c8d54b17e640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcy0IStLtAEMcF9PcHRjnmDfFtzGeKbCX64IjCyf9qAGOoiGbNTF7bf%2FHlNAqp5iaekeia3klXvKd4uWp8CrFXi6c96EiInn45RxR20Zob5DdQ%2BUrQt2OrqpXFL5L54Q55E%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3c28ebf9de-PRG
expires: Thu, 30 Sep 2021 20:21:36 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 45ms
13ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;700&family=Roboto+Condensed:wght@300;400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 14:00:18 GMT
x-content-type-options: nosniff
age: 353636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15604
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 26 Sep 2022 14:00:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 38ms
6ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 85354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 39ms
8ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 85354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:40 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 49ms
17ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 03:54:04 GMT
x-content-type-options: nosniff
age: 217210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 03:54:04 GMT

GET
H2 200 avalon-book-fdn.woff
www.westword.com/styles/fonts/ 26 KB
26 KB 32ms
28ms Font
application/font-woff 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/styles/fonts/avalon-book-fdn.woff
Requested by: Host: www.westword.com
URL: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e66e73048706fa4d36d4b10033b268c63408c0304395f11ef661a278c403bf

Request headers

:path: /styles/fonts/avalon-book-fdn.woff
pragma: no-cache
origin: https://www.westword.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.westword.com
referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 19:54:57 GMT
server: cloudflare
age: 244097
etag: W/"6640-5c8d54b17e640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zx3lR2IZj0kiDLOVZkg01Sw%2Fb9IYoGYAT4MWosd7c8OFAFOie8hxPVvsOp28lmtoXIQDhVgtn73sJN5o%2F1QP%2FFnqjCZHTgVMY3gWVPKI6%2BXWBGY3c9y5PTI0Bqo4Y%2FGRdE%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3c28eff9de-PRG
expires: Thu, 30 Sep 2021 20:21:36 GMT

GET
H2 200 serif12beta-regular-webfont.woff
www.westword.com/styles/fonts/ 30 KB
31 KB 32ms
28ms Font
application/font-woff 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/styles/fonts/serif12beta-regular-webfont.woff
Requested by: Host: www.westword.com
URL: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d6fa0add72b520785550d10a22373d383420fded6809a4b1f6f584d094c430

Request headers

:path: /styles/fonts/serif12beta-regular-webfont.woff
pragma: no-cache
origin: https://www.westword.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.westword.com
referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 19:54:57 GMT
server: cloudflare
age: 244097
etag: W/"7998-5c8d54b17e640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5wU4lwDY4iJNpc6XX1u7MMLFBm5D8yvnMHpXIZwvM7yLVNO2DUa6IOYnIoopkdp00Q00tiNAl0VK4pedP9N8RuRHHqfJz8HTIfQMMQf57SmH0VkHRz8%2BSqDHHlcmTm6u3c%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3c28f1f9de-PRG
expires: Thu, 30 Sep 2021 19:54:45 GMT

GET
H2 200 serif12beta-bold-webfont.woff
www.westword.com/styles/fonts/ 31 KB
31 KB 33ms
29ms Font
application/font-woff 172.67.72.250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.westword.com/styles/fonts/serif12beta-bold-webfont.woff
Requested by: Host: www.westword.com
URL: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.72.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b332ac60714bc69c5f411267b8cd63190e8a82b17b552d7c85aa9d796edba2af

Request headers

:path: /styles/fonts/serif12beta-bold-webfont.woff
pragma: no-cache
origin: https://www.westword.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.westword.com
referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.westword.com/fdn-system/assets/pub/styles/desktop.css?cb=4352c38c4fe72e6b46e386d1a06f2c58
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Aug 2021 19:54:57 GMT
server: cloudflare
age: 244097
etag: W/"7c0c-5c8d54b17e640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iADiOIStK%2Fat2l7Zjjg9tXhgO4algi06uAd%2FcurGrsoCgTdwBT0FXQKm2wU7KaSbX3DAQrNL6eBqxLcPdV6omS8%2F0Zoy3YjYoizxsoVMzDFKWvYB0XH%2BLLk4T96cTmLH0W8%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696ebe3c28f2f9de-PRG
expires: Thu, 30 Sep 2021 19:35:57 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 47ms
16ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:06:08 GMT
x-content-type-options: nosniff
age: 216486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:06:08 GMT

GET
H/1.1 200
OK blxbuds800.jpg
media1.fdncms.com/den/imager/u/golden-m/12455300/ 106 KB
106 KB 474ms
138ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/den/imager/u/golden-m/12455300/blxbuds800.jpg?cb=1632947591

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

ecf32f821406c4ea8743f386c0ea445866ccbc17b3b3eca6a70ac6ba5427b7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:14 GMT
Last-Modified: Wed, 29 Sep 2021 20:33:11 GMT
Server: Apache
X-Gyrobase-Publication: den
Age: 70841
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 108154
Expires: Wed, 27 Oct 2021 20:33:35 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cdf8ce1a03cd874932cf9f0906a8b37ee52dae75b7005a134668c4ad58b34b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 7ms
6ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 254797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Sep 2022 17:27:37 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 16ms
6ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: 1xVf96jd6B6cQDSJyS/xxUjiBYAuXRXdIK3nZWQNt/O8iQGAHm6GsWTWbiZ2Ia7mC43L/Aq+ngkAB4yX0gMR3w==
x-frame-options: DENY
date: Thu, 30 Sep 2021 16:14:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 24 KB
9 KB 45ms
7ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: gzip
etag: "XUylRaJiJNdi08iU32oNYQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 07 Oct 2021 16:14:14 GMT

GET
H2 200 322 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 538ms
183ms Script
application/javascript 35.167.53.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&ref=
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.53.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-53-177.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 776e3f7f770c1c414b69c57f91f258130ed20df76287d4ee2c6930792110fc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
server: nginx/1.18.0
content-length: 3388
content-type: application/javascript

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 69ms
7ms Script
application/x-javascript 13.224.190.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.190.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-190-164.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:14:19 GMT
content-encoding: gzip
age: 3595
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
etag: W/"60e79439-8e96"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0idkjCZzT_zmjBhjMYjq4eGsYB_dufET55UNTbSdY6QblcE3mriD9A==
expires: Thu, 30 Sep 2021 17:14:19 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 22 KB
8 KB 423ms
390ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

845ad1f6dd26f9bd5032286802bfd921280c23a41ef4abd7d7ae055f3088a651

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.westword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 30 Sep 2021 16:14:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: aa2797f9-d561-41f1-a549-c58549ffb5d7
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.westword.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 263 KB
75 KB 15ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=61e829c5ce903b9061cde5e0688fbcdc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

f1282f636c15cbfddf8ab93ae34e6befffdc3c396df9cc7cca02e0475aa6753c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.westword.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Oc/D7RqX2EcictQhxx0dpA==
cross-origin-resource-policy: cross-origin
expires: Fri, 30 Sep 2022 14:58:09 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76285
x-fb-rlafr: 0
x-fb-debug: LfJD9JYarvWJGUdfgfOOHrNxWZeKVDLZAYoJys0NNmITdkEOd9pMjjih3CtEZSKCMhxy/6mbmg8nFUwmH9DZsw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ae351418495567f4230317c4473f287f
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Sep 2021 16:14:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ee4af4d9cf22f7a9b1c5af2c6682e6c3"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 103 KB
34 KB 24ms
8ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 19:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34990
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Wed, 28 Sep 2022 19:26:21 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 39F0 319 KB
103 KB 6ms
6ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.westword.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.westword.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1415611
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 30 Sep 2021 16:14:14 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6752)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1848247320&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&ul=en-us&de=UTF-8&dt=BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1900736928&gjid=2071896519&cid=556584023.1633018455&tid=UA-395255-2&_gid=1132364337.1633018455&_r=1&_slc=1&cd2=General&z=934581301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westword.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 191ms
156ms Preflight 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.westword.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 30 Sep 2021 16:14:14 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 157ms
157ms XHR
application/json 35.190.88.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.westword.com/
Bugsnag-Sent-At: 2021-09-30T16:14:14.716Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 30 Sep 2021 16:14:14 GMT
via: 1.1 google
bugsnag-session-uuid: 209ba659-b97e-4c6a-80f1-6e70936183bc
alt-svc: clear
content-length: 21
content-type: application/json

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 142ms
141ms Fetch
text/html 54.208.153.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.153.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-153-186.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.westword.com/
key: 60bf73dba4d9510011da24c7
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 339ms
110ms Preflight 54.208.153.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Server: 54.208.153.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-153-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.westword.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 10 KB
2 KB 404ms
353ms XHR
application/json 104.22.9.88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=904&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.9.88 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574cbb5df8111bd7200b1ab17b0f2669125460257e2d642af3b7b1c1e0ab50d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 1681
x-ua-compatible: IE=edge
last-modified: Thu, 30 Sep 2021 15:59:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, public, s-maxage=60, max-age=0
accept-ranges: bytes
cf-ray: 696ebe3fbae7175a-FRA

GET
H3 200 588388814616401 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 386ms
386ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/588388814616401?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

5df15388f38138769e22903a5eef22c8a94b9ddaf0dbe3e47bf0819b0cb9f6fe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: sURCqHmwMGXC8ChOt3KQZxh2KNTsX0LMM/cJG1I+3CB71AUEII7kiSvNLaKUcIW252cyM7GWzdXgnccol8m6vw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Sep 2021 16:14:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-a4LDpi_DEopn-.js Show response
rules.quantcount.com/ 147 B
611 B 47ms
8ms Script
application/javascript 13.224.193.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a4LDpi_DEopn-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-27.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:37:13 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
age: 2226
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Wed, 26 Jun 2019 16:40:34 GMT
server: AmazonS3
etag: "64852ad0768d254e4052f94f8b97011c"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: sakwhqFokjp7v_PHjj9S5kVhW4k7v8l5yd9eI5I_S8XMU4bXUIxJwA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
462 B 64ms
21ms XHR
text/plain 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-395255-2&cid=556584023.1633018455&jid=1900736928&gjid=2071896519&_gid=1132364337.1633018455&_u=YEBAAAAAAAAAAC~&z=437049888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Sep 2021 16:14:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.westword.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 302ms
97ms Image
image/gif 3.232.164.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=westword.com&p=%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&u=D1kig2DeY3DiDK9vYG&d=westword.com&g=10424&g0=%2Fhome&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4113&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1680&t=xfRCgMtzSSCixZodcU2fIBLVdy5&V=128&i=BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F&tz=0&sn=1&sv=CxTEBdDgVFGNCPsUUIB8tRwpB8wiqc&sd=1&im=067b2ff3&_
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.164.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-164-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 60ms
45ms Fetch
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=174299864696240&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&sdk=joey&wants_cookie_data=true

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XYKekt5e20SmTiP6TUas6FhZs57bLHYSU+1wdzeoKs9Cl8t5IrS/ShYrDiF/K15rDKgx6a+8Le2bsVSYPN/R+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Sep 2021 16:14:15 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westword.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 2DBE 512 B
921 B 230ms
199ms Document
text/html 216.58.212.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.173 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f173.1e100.net

Software

ESF /

Resource Hash

107e4ac9be55ac296c7bbb823159b4a1b7b640d10b05b94e343de3b717b10559

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/Fid2j8rHF3TSft1Qgk4CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westword.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=oV2zd3qpP-Bc5_VJEmQ8FQ5Y2s5Tg5sFtsOKfq918mZcGdVXPC1DVdyAz_oNTCU27SKfdwNxx8mBY5oJLdyp9jzLg7ZxCjuKIr6DXOaeQXmjErfT6T3C1QHPKYEkdkE1E1n0mjJ1EmLv1-p8OTMVaPBP_Um6cAxWKAWQ8p-hdOg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Sep 2021 16:14:15 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-/Fid2j8rHF3TSft1Qgk4CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel;r=398885841;rf=0;a=p-a4LDpi_DEopn-;url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-253959784-163...
pixel.quantserve.com/ 35 B
371 B 21ms
12ms Image
image/gif 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=398885841;rf=0;a=p-a4LDpi_DEopn-;url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-253959784-1633018455029;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=westword.com;je=0;sr=1600x1200x24;dst=0;et=1633018455029;tzo=0;ogl=url.https%3A%2F%2Fwww%252Ewestword%252Ecom%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-wort%2Csite_name.Westword%2Ctitle.BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F%2Cimage.https%3A%2F%2Fmedia1%252Efdncms%252Ecom%2Fden%2Fimager%2Fu%2Fslideshow%2F12455300%2Fblxbuds800%252Ejpg%2Cimage%3Awidth.1524%2Cimage%3Aheight.947%2Cdescription.Nowadays%252C%20listening%20to%20your%20favourite%20songs%20using%20wireless%20earbuds%20has%20become%20ve%2Ctype.website

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 39F0 288 B
454 B 138ms
116ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4dcd65c81c983b26591f7153e8d45a028a9cbb80

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.westword.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:14 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 16:14:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 128e3efa304513f7f195b2e73f9988d50118716a3abbdc64336fc35d831ddbe8
content-length: 188

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 56ms
33ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-395255-2&cid=556584023.1633018455&jid=1900736928&_u=YEBAAAAAAAAAAC~&z=1573646713

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame AF4A 0
807 B 51ms
19ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QLKBHxKAgAAAwDWAAUBCNbE14oGELGc6YWS6sf7DRgAKjYJAA0BABENCAQAGQEJENej4D8hAQkBAQApAQUBAfRpATEAAABA4XrEPzCQ4L0KOMNGQMNGSABQAFjYvFpgAGiogXR4w5AFgAEBigEAkgEDVVNEmAEBoAEBqAEBsAEAuAEAwAEAyAEA0AEA2AEA4AEA8AEA2AIA4AKf8FrqAlxodHRwczovL3d3dy53ZXN0d29yZC5jb20vc3RvcnlodWIvYmx4YnVkcy1yZXZpZXdzLXNjYW0tb3ItbGVnaXQtaXMtYmx4LWJ1ZHMtd29ydGgteW91ci1tb25leYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7wZ4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQPMjE2LjEzMS4xMTQuMTY4qAQAsgQOCAAQARgAIAAoADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAIW4Q2gYWChABCS4BAGAQABgA4AYA8gYCCACABwGIBwCgBwC6Bw8IBRpAIAAwADi_BkAAyAfDkAXSBw013wE4CNoHBgknPOAHAOoHAggA8Afo1wL6BxIVJlUFBIIIShUA&s=1920ec2a2d5351cba2acab2069a2cec25a5e8600&bdref=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money,https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3276c7f9-ff61-4887-aa6c-59175f06e276
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/217/ Frame AF4A 85 KB
29 KB 58ms
19ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/217/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d450cb09bfdfb2712a08158c7afd6863c616dadfb632023199c75b75782c23d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 08:36:54 GMT
Server: AkamaiNetStorage
ETag: "68277f83cbab253ca48962032df81624:1632818214.66988"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29380
Expires: Fri, 30 Sep 2022 16:14:15 GMT

GET
H/1.1 200
OK 0dcf4425-44ff-4a0d-95ec-48a67113bd92.jpg
crcdn01.adnxs-simple.com/creative/p/9027/2021/9/29/28623014/ Frame AF4A 93 KB
94 KB 58ms
12ms Image
image/jpeg 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/9027/2021/9/29/28623014/0dcf4425-44ff-4a0d-95ec-48a67113bd92.jpg
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: eb26636217a6040ddf9847d9fb9a295fef58191e79a0b9017086def9e1862680

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:15 GMT
Last-Modified: Wed, 29 Sep 2021 15:29:52 GMT
Server: nginx/1.19.0
x-amz-request-id: f4b9950a-6ebb-4c95-adfd-74bc0d63e45b
X-Clv-Request-Id: f4b9950a-6ebb-4c95-adfd-74bc0d63e45b
ETag: "3cc4b99b0c23b4a95e8bf2ac9b2ead64"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95269
Expires: Sun, 14 Nov 2021 16:14:15 GMT

GET
H3

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DB7F
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=2039949226
https://securepubads.g.doubleclick.net/tag/js/gpt.js

73 KB
25 KB

35ms
21ms

Script
text/javascript

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

d481f52563ae2cab5c225e85547eb4153063c7c7644bdaf85eca3544c4b6791b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1001 / 347 of 1000 / last-modified: 1633013494"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25724
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Sep 2021 16:14:15 GMT

Redirect headers

date: Thu, 30 Sep 2021 16:14:15 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Thu, 30 Sep 2021 16:44:15 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame DB7F 0
807 B 40ms
14ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2fdd3bbc-1c90-43b8-9096-47f4f68ed107
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/217/ Frame DB7F 85 KB
29 KB 47ms
17ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/217/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d450cb09bfdfb2712a08158c7afd6863c616dadfb632023199c75b75782c23d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 08:36:54 GMT
Server: AkamaiNetStorage
ETag: "68277f83cbab253ca48962032df81624:1632818214.66988"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29380
Expires: Fri, 30 Sep 2022 16:14:15 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ 0
807 B 50ms
24ms Image
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QL7Cnx7BQAAAwDWAAUBCNbE14oGEI2MjMqXj7HEKhgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDDuw5MGOMNGQMNGSAJQ0pH4lQFY2LxaYABoqIF0eMOQBYABAYoBA1VTRJIFBvBpmAHQD6ABhAeoAQGwAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQD6AQtob21lX1Jlc2tpbooCWXVmKCdhJywgNTYyMTU1MiwgMTYzMzAxODQ1NCk7dWYoJ2knLCA2Mzk3NTI2LCAxNjMzMDE4NBEdLHInLCAzMTQ0NDM5ODofAPBpkgL5AyFXVTAyR1FpbG81b1lFTktSLUpVQkdBQWcyTHhhTUFBNEFFQUVTTU5HVU83RGt3WllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRSG90T3RtWnNMdlA5a0IFFThBQUE4RF9nQWRhOGhnUDEJMCxDWUFnQ2dBZ0MxQWcBIgRDOQkI8ExEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRek1qSGdBOFlzZ0FRQWlBUUFrQVFBbUFRQndRUQFZCQEITWtFCQkBARREWUJBRHgVnShBQUFpQVhoSWFrRgEMAQEQOEQteEId2Ah3UVUBFwkBAE0ZKAxBQURSLigAADIuKACoT0FGQVBBRjZPSFFCX2dGc0k3WEFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRwlZAQEkQ29CZ0t5QmlRSgEODQEAUg0IAQEAWgEFDQEAaA0ITEFBQUM0QmlnLpoCmQEhY1EtOW5BOv0BKE5pOFdpQUVLQUF4AS8NAUw2Q1VGTlV6RTZORE15TVVER0xFaw0bDER3UDE9NABGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPRIAUEuLtgCAOACn_Ba6gJcaHR0cHM6Ly93d3cud2VzdHdvcmQuY29tL3N0b3J5aHViL2JseGJ1ZHMtcmV2aWV3cy1zY2FtLW9yLWxlZ2l0LWlzLWJseC1idWRzLXdvcnRoLXlvdXItbW9uZXmAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO8GeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNi4xMzEuMTE0LjE2OKgEALIEEAgAEAEY0A8ghAcoADAAOAK4BADABADIBADSBA45MDI3I0FNUzE6NDMyMdoEAggB4AQB8ATSkfiVAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4C7aBhYKEAAAiaURAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpAIAAwADi_BkAAyAfDkAXSBw21EAE4CNoHBgknPOAHAOoHAggA8Afo1wL6BxIVJrU2BIIIShUA&s=62e83c1c67fafa351fb63719c1c73b00c1f5f070

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 88d5443b-a091-4513-b39b-af0a8a8b3f73
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ 0
807 B 44ms
18ms Image
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QKFC4CFBQAAAwDWAAUBCNbE14oGEOv-6KeBw9etaRgAKjYJmpkBAQjJPxERCQQZAAUBCERAIRESACkRCQAxBRq4AERAMO_DkwY4w0ZAw0ZIAlDvs6iVAVjYvFpgAGiogXR4w5AFgAEBigEDVVNEkgEBBvBpmAHYBaABWqgBAbABALgBAcABBMgBAtABANgBAOABAPABAPoBE2hvbWVfU3RpY2t5LURlc2t0b3CKAll1ZignYScsIDM5MzkyMjQsIDE2MzMwMTg0NTQpO3VmKCdpJywgMjc0MjEyNiwgMTodADByJywgMzEzMTM3NjQ3NjwA9A4BkgL9AyE3MWsxandqendzTVFFTy16cUpVQkdBQWcyTHhhTUFBNEFFQUVTTU5HVU9fRGt3WllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JkYXNOYkpxWnlUX0JBWFdyRFd5YW1ja195UUZmMDBybmJXanVQOWtCQUFBQUFBQUE4RF9nQWU2dXB3SDFBUUFBQUFDWUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRek1qSGdBOFlzZ0FRQWlBUUFrQVFBbUFRQndRUUFBQQF-FEFBQU1rRQEHCQEURFlCQUR4FZ0oQUFBaUFYaElha0YBDAEBFDhELXhCUQEKCQEId1FVCQkBAQBNGSgMQUFEUi4oAAAyLigAwE9BRm9Kd0I4QVdCaDlNRS1BV1l0X0FCZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbVoBAjBuSlA2Z0dBYklHSkFrAW4JAQBCHb8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFqUlRXV0E6AQIwTmk4V2lBRUtBQXhtcAFtXG1aeVQ4NkNVRk5VekU2TkRNeU1VREdMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPQFAUEuLtgCAOACn_Ba6gJcaHR0cHM6Ly93d3cud2VzdHdvcmQuY29tL3N0b3J5aHViL2JseGJ1ZHMtcmV2aWV3cy1zY2FtLW9yLWxlZ2l0LWlzLWJseC1idWRzLXdvcnRoLXlvdXItbW9uZXmAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO8GeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNi4xMzEuMTE0LjE2OKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjkwMjcjQU1TMTo0MzIx2gQCCAHgBAHwBO-zqJUBiAUBmAUAoAX___________8BwAUAyQWJbRTwP9IFCQkJDHAAANgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgHw5AF0gcNFXQBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAERFpBIIIShUA&s=c541e6d3586ee70d7e921e819d0bee1854370384

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e6fa4665-b21f-418c-bd41-741358b70da8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 521ms
172ms Script
application/javascript 44.241.125.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.125.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-125-95.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 03:32:44 GMT
server: nginx/1.18.0
etag: W/"1632972764.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 01 Oct 2021 04:14:15 GMT

GET
H2 200 322 Show response
p.ad.gt/api/v1/p/ 26 KB
8 KB 509ms
168ms Script
application/javascript 34.216.108.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/322
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.108.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-108-96.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 51a355369e2fc35abcef63af6cafba01bb509d5b48c7772cc862eb11cd2e2d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 03:31:54 GMT
server: nginx/1.18.0
etag: W/"1632972714.0-26603-2710637159"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Fri, 01 Oct 2021 04:14:15 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&adnxs_id=7274894583155433016

43 B
564 B

508ms
181ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&adnxs_id=7274894583155433016
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dab45427-03c8-4a43-b9c7-478272d58f7a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&adnxs_id=7274894583155433016
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=0f32fa9d-7198-4613-83f8-b7bc28386656
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=0f32fa9d-7198-4613-83f8-b7bc28386656
https://ids.ad.gt/api/v1/t_match?tdid=3a22df4a-f91d-4421-aff3-d70de5cc5686&id=0f32fa9d-7198-4613-83f8-b7bc28386656

43 B
569 B

513ms
333ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=3a22df4a-f91d-4421-aff3-d70de5cc5686&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=3a22df4a-f91d-4421-aff3-d70de5cc5686&id=0f32fa9d-7198-4613-83f8-b7bc28386656
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656
https://ids.ad.gt/api/v1/pbm_match?pbm=F1AEF9B1-E3CB-4DB0-BE84-730EF7C32B15&id=0f32fa9d-7198-4613-83f8-b7bc28386656

43 B
573 B

442ms
184ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=F1AEF9B1-E3CB-4DB0-BE84-730EF7C32B15&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=F1AEF9B1-E3CB-4DB0-BE84-730EF7C32B15&id=0f32fa9d-7198-4613-83f8-b7bc28386656
date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=0f32fa9d-7198-4613-83f8-b7bc28386656
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=0f32fa9d-7198-4613-83f8-b7bc28386656&google_tc=
https://ids.ad.gt/api/v1/g_match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&google_error=15

43 B
179 B

384ms
170ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&google_error=15
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=0f32fa9d-7198-4613-83f8-b7bc28386656
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MGYzMmZhOWQtNzE5OC00NjEzLTgzZjgtYjdiYzI4Mzg2NjU2

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MGYzMmZhOWQtNzE5OC00NjEzLTgzZjgtYjdiYzI4Mzg2NjU2

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MGYzMmZhOWQtNzE5OC00NjEzLTgzZjgtYjdiYzI4Mzg2NjU2
date: Thu, 30 Sep 2021 16:14:15 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=0f32fa9d-7198-4613-83f8-b7bc28386656&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0f32fa9d-7198-4613-83f8-b7bc2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=0f32fa9d-7198-4613-83f8-b7bc28386656&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0f32fa9...
https://ids.ad.gt/api/v1/adb_match?adb=45348054983310243121754623951852592200&id=0f32fa9d-7198-4613-83f8-b7bc28386656

43 B
478 B

421ms
333ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=45348054983310243121754623951852592200&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v018-08b127a00.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Oo7Lfx7CQJA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ids.ad.gt/api/v1/adb_match?adb=45348054983310243121754623951852592200&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=0f32fa9d-7198-4613-83f8-b7bc28386656
https://ids.ad.gt/api/v1/ppnt_match?uid=BEmP22HPMgu2&ev=1&pid=562316&id=0f32fa9d-7198-4613-83f8-b7bc28386656

43 B
466 B

241ms
240ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=BEmP22HPMgu2&ev=1&pid=562316&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://ids.ad.gt/api/v1/ppnt_match?uid=BEmP22HPMgu2&ev=1&pid=562316&id=0f32fa9d-7198-4613-83f8-b7bc28386656
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7cfb485474-bftv5
expires: -1

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D0f32fa9d-7198-4613-83f8-b7bc28386656
https://ids.ad.gt/api/v1/mediamath_match?user_id=33766155-e257-4d00-8f8c-c8f045920422&id=0f32fa9d-7198-4613-83f8-b7bc28386656

43 B
484 B

368ms
333ms

Image
image/gif

52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=33766155-e257-4d00-8f8c-c8f045920422&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

Redirect headers

Date: Thu, 30 Sep 2021 16:14:15 GMT
Server: MT3 4033 f73cd20 master cdg-pixel-x1 config:1.0.1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=33766155-e257-4d00-8f8c-c8f045920422&id=0f32fa9d-7198-4613-83f8-b7bc28386656
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 30 Sep 2021 16:14:14 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame DB7F 0
830 B 14ms
14ms Ping
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QKFC4CFBQAAAwDWAAUBCNbE14oGEOv-6KeBw9etaRgAKjYJmpkBAQjJPxERCQQZAAUBCERAIRESACkRCQAxBRq4AERAMO_DkwY4w0ZAw0ZIAlDvs6iVAVjYvFpgAGiogXR4w5AFgAEBigEDVVNEkgEBBvBpmAHYBaABWqgBAbABALgBAcABBMgBAtABANgBAOABAPABAPoBE2hvbWVfU3RpY2t5LURlc2t0b3CKAll1ZignYScsIDM5MzkyMjQsIDE2MzMwMTg0NTQpO3VmKCdpJywgMjc0MjEyNiwgMTodADByJywgMzEzMTM3NjQ3NjwA9A4BkgL9AyE3MWsxandqendzTVFFTy16cUpVQkdBQWcyTHhhTUFBNEFFQUVTTU5HVU9fRGt3WllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JkYXNOYkpxWnlUX0JBWFdyRFd5YW1ja195UUZmMDBybmJXanVQOWtCQUFBQUFBQUE4RF9nQWU2dXB3SDFBUUFBQUFDWUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRek1qSGdBOFlzZ0FRQWlBUUFrQVFBbUFRQndRUUFBQQF-FEFBQU1rRQEHCQEURFlCQUR4FZ0oQUFBaUFYaElha0YBDAEBFDhELXhCUQEKCQEId1FVCQkBAQBNGSgMQUFEUi4oAAAyLigAwE9BRm9Kd0I4QVdCaDlNRS1BV1l0X0FCZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbVoBAjBuSlA2Z0dBYklHSkFrAW4JAQBCHb8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFqUlRXV0E6AQIwTmk4V2lBRUtBQXhtcAFtXG1aeVQ4NkNVRk5VekU2TkRNeU1VREdMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPQFAUEuLtgCAOACn_Ba6gJcaHR0cHM6Ly93d3cud2VzdHdvcmQuY29tL3N0b3J5aHViL2JseGJ1ZHMtcmV2aWV3cy1zY2FtLW9yLWxlZ2l0LWlzLWJseC1idWRzLXdvcnRoLXlvdXItbW9uZXmAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO8GeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNi4xMzEuMTE0LjE2OKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDjkwMjcjQU1TMTo0MzIx2gQCCAHgBAHwBO-zqJUBiAUBmAUAoAX___________8BwAUAyQWJbRTwP9IFCQkJDHAAANgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgHw5AF0gcNFXQBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAERFpBIIIShUA&s=c541e6d3586ee70d7e921e819d0bee1854370384&type=nv&nvt=5&jm=1003&sid=6477346021200486420&vd=ct~0|rr~0&sv=217&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12902895&sw=1600&sh=1200&pw=1600&ph=4113&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.westword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2492a2aa-ebdd-47b0-8d6a-0f717d3b4b37
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.westword.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame AF4A 0
830 B 22ms
22ms Ping
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QL7Cnx7BQAAAwDWAAUBCNbE14oGEI2MjMqXj7HEKhgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDDuw5MGOMNGQMNGSAJQ0pH4lQFY2LxaYABoqIF0eMOQBYABAYoBA1VTRJIFBvBpmAHQD6ABhAeoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQD6AQtob21lX1Jlc2tpbooCWXVmKCdhJywgNTYyMTU1MiwgMTYzMzAxODQ1NCk7dWYoJ2knLCA2Mzk3NTI2LCAxNjMzMDE4NBEdLHInLCAzMTQ0NDM5ODofAPBpkgL5AyFXVTAyR1FpbG81b1lFTktSLUpVQkdBQWcyTHhhTUFBNEFFQUVTTU5HVU83RGt3WllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRSG90T3RtWnNMdlA5a0IFFThBQUE4RF9nQWRhOGhnUDEJMCxDWUFnQ2dBZ0MxQWcBIgRDOQkI8ExEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRek1qSGdBOFlzZ0FRQWlBUUFrQVFBbUFRQndRUQFZCQEITWtFCQkBARREWUJBRHgVnShBQUFpQVhoSWFrRgEMAQEQOEQteEId2Ah3UVUBFwkBAE0ZKAxBQURSLigAADIuKACoT0FGQVBBRjZPSFFCX2dGc0k3WEFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRwlZAQEkQ29CZ0t5QmlRSgEODQEAUg0IAQEAWgEFDQEAaA0ITEFBQUM0QmlnLpoCmQEhY1EtOW5BOv0BKE5pOFdpQUVLQUF4AS8NAUw2Q1VGTlV6RTZORE15TVVER0xFaw0bDER3UDE9NABGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPRIAUEuLtgCAOACn_Ba6gJcaHR0cHM6Ly93d3cud2VzdHdvcmQuY29tL3N0b3J5aHViL2JseGJ1ZHMtcmV2aWV3cy1zY2FtLW9yLWxlZ2l0LWlzLWJseC1idWRzLXdvcnRoLXlvdXItbW9uZXmAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO8GeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNi4xMzEuMTE0LjE2OKgEALIEEAgAEAEY0A8ghAcoADAAOAK4BADABADIBADSBA45MDI3I0FNUzE6NDMyMdoEAggB4AQB8ATSkfiVAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4C7aBhYKEAAAiaURAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpAIAAwADi_BkAAyAfDkAXSBw21EAE4CNoHBgknPOAHAOoHAggA8Afo1wL6BxIVJrU2BIIIShUA&s=ec335a8d72628e0c2d369922f071a08533a6b0b3&type=nv&nvt=5&jm=1003&px=-200&py=0&bw=2000&bh=900&sid=6477346021200486420&vd=ct~0|rr~0&sv=217&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12902894&sw=1600&sh=1200&pw=1600&ph=4113&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.westword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:15 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d77db93e-fbd6-4289-bac0-dbafaf14f514
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.westword.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pubads_impl_2021092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DB7F 336 KB
118 KB 23ms
22ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=2039949226

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120420
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 08:37:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Sep 2021 16:14:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DB7F 107 B
570 B 42ms
19ms Script
application/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.westword.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DB7F 60 KB
12 KB 540ms
540ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2972350395648635&correlator=295089126691850&output=ldjh&impl=fif&eid=31062996&vrg=2021092201&ptt=17&sc=1&sfv=1-0-38&ecs=20210930&iu_parts=21843165966%3A98238595%2CVoice_Media_Group_Westword&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&cdm=www.westword.com&bc=31&abxe=1&lmt=1633018455&dt=1633018455269&dlt=1633018455089&idt=157&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=436&adys=1024&adks=2443741739&ucis=yikgzjbc0vb&ifi=1&ifk=825216044&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&top=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=556584023.1633018455&ga_sid=1633018455&ga_hid=560637834&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f1a2a8bbd510228f26e4779d13f67de744989296ce46237f6141264b04f77028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12695
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westword.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DDC 6 KB
4 KB 50ms
15ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westword.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Sep 2021 16:14:15 GMT
expires: Fri, 30 Sep 2022 16:14:15 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 314319633-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 2DBE 115 KB
40 KB 28ms
7ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/314319633-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

fc045e89c97ebbb9db23cf4f70b29e1a7f01f8af8cae5e601c4bc766738ff197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40205
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 02:13:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="federated-signon-mpm-access"
expires: Thu, 29 Sep 2022 17:56:45 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 2DBE 14 B
58 B 220ms
204ms XHR
application/json 216.58.212.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.westword.com&client_id=363304419989-mfqdfior0nbjoc5erpbgviubmhub83vg.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/314319633-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.173 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f173.1e100.net

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 30 Sep 2021 17:14:15 GMT

OPTIONS
H2 200 /
api-location-prd.pelcro.com/ Frame 0
0 143ms
103ms Preflight
application/json 13.225.87.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Protocol: H2
Server: 13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-62.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://www.westword.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 30 Sep 2021 16:14:15 GMT
x-amzn-requestid: 6616d4cd-a92e-4043-a953-8bd4fdb14825
access-control-allow-origin: *
allow: GET
access-control-allow-headers: Authorization, Cache-Control, X-Pelcro-Sdk-Version
x-amz-apigw-id: GfBNsGZ0IAMFUWg=
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: QxlOs_scCk_AiYYNtxcE68bukARHNEulxhoneB2evua8K-v54-a3fA==

GET
H2 200 / Show response
api-location-prd.pelcro.com/ 350 B
754 B 112ms
112ms XHR
application/json 13.225.87.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-location-prd.pelcro.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-62.fra2.r.cloudfront.net
Software: /
Resource Hash: 97f7faa2ee762c27231fa4098d9a9cb5e6fddbd28e1d7e4f06ce9c095f15480f

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.westword.com/
X-Pelcro-Sdk-Version: 2.5.4
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: e36b3cd9-a56e-4a29-8f5a-924c22e49558
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6155e257-2c50a5a37beb538759ecf09f;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: GfBNtHM_IAMFXkw=
content-length: 350
x-amz-cf-id: x56lOyjz3ibgV-gKi88sUV1qBZEhatfXg2lOx6nqCAHCNAQ4nGhZQA==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 14ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588388814616401&ev=PageView&dl=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&rl=&if=false&ts=1633018455406&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633018455405.1535608912&it=1633018454951&coo=false&exp=p1&rqm=GET

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 30 Sep 2021 16:14:15 GMT

GET
H/1.1 200
OK blxbuds800.jpg
media1.fdncms.com/den/imager/u/golden-m/12455300/ 106 KB
106 KB 138ms
137ms Image
image/jpeg 209.104.5.204
LOGIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.fdncms.com/den/imager/u/golden-m/12455300/blxbuds800.jpg?cb=1632947591

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.104.5.204 Arivaca, United States, ASN22772 (LOGIN, US),

Reverse DNS

fdncms.com

Software

Apache /

Resource Hash

ecf32f821406c4ea8743f386c0ea445866ccbc17b3b3eca6a70ac6ba5427b7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 16:14:15 GMT
Last-Modified: Wed, 29 Sep 2021 20:33:11 GMT
Server: Apache
X-Gyrobase-Publication: den
Age: 70842
Strict-Transport-Security: max-age=3600; includeSubDomains
X-DN-Cache-Control: max-age=2419202
Cache-Control: max-age=7201, s-maxage=7201
Content-Type: image/jpeg
Content-Length: 108154
Expires: Wed, 27 Oct 2021 20:33:35 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/west-word/ 713 KB
105 KB 10ms
9ms Script
text/javascript 13.225.87.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/west-word/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cfd33c901ea82fe2dcea630488f62cf84f7ba8a4b32381a28fa582a2e198e9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:25:09 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 14:05:03 GMT
server: AmazonS3
age: 67747
etag: "9b2c5bd2ec5101a9097857b9f2422a85"
x-edge-origin-shield-skipped: 0
content-type: text/javascript; charset=utf-8
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 106785
x-amz-cf-id: Y0-fLffMpNkrzei29H1H0knxeDB1dt7pRWC1JRQEoYEyPG1nYQ7c4Q==

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 517ms
170ms Script
text/plain 35.84.44.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=08e506d4afbf1dfb64a974e797ebb470&url=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.84.44.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-84-44-29.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Sep 2021 16:14:16 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 491 KB
145 KB 8ms
8ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

80136a428f627348936afc65e6c19de8f3d9a5da7878d19fe778cc9e16f7f4ee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 147981
x-xss-protection: 0
pragma: public
x-fb-debug: FuZnu3Hs4kWFSZYYBsePMtZU8eSaE+G0R/G0YVRUE4TALUfIxFO5jLBUq4+OmE3g8K8PNI0q3w/tC+IwwB+8og==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Sep 2021 16:14:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 8ms
8ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Sep 2021 16:16:13 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
7ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Sep 2021 16:31:07 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
653 B 190ms
189ms Image
image/gif 52.35.10.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=0f32fa9d-7198-4613-83f8-b7bc28386656&halo_id=0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Fri, 01 Oct 2021 04:14:15 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&rl=&if=false&ts=1633018455727&...
https://cx.atdmt.com/?c=10223614575716800394&f=AYyio3Veh2p78S2bIwdLIcQgIObnKUuqMDgV6l0HPfYCKOy5R-yQGgXE1QwrzayF6pWLstpgXEtnXgRkF43v6eLq&id=1853083501571805&l=3&v=0

43 B
571 B

76ms
45ms

Image
image/gif

157.240.236.12
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=10223614575716800394&f=AYyio3Veh2p78S2bIwdLIcQgIObnKUuqMDgV6l0HPfYCKOy5R-yQGgXE1QwrzayF6pWLstpgXEtnXgRkF43v6eLq&id=1853083501571805&l=3&v=0

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.12 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-atlas-shv-02-frx5.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: BQC0tOm6KXrIuvxTSR/ZXcnk79yvYeKraW0WJjrrTMqnpvoC1UVBqTpxdf92KzbQ7O+03/eakng2AGjs/a6kxQ==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 30 Sep 2021 16:14:15 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:15 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=10223614575716800394&f=AYyio3Veh2p78S2bIwdLIcQgIObnKUuqMDgV6l0HPfYCKOy5R-yQGgXE1QwrzayF6pWLstpgXEtnXgRkF43v6eLq&id=1853083501571805&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
content-length: 0
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109102127000/ Frame DB7F 189 KB
55 KB 29ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55506
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c42e3b94efe0099e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DB7F 13 KB
5 KB 39ms
17ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4995
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc03df60ee69192f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DB7F 89 KB
28 KB 40ms
18ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "283b6526337df106"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DB7F 4 KB
2 KB 43ms
22ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b3f838efba7b15f2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame DB7F 40 KB
13 KB 43ms
21ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e8049efde94274d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 10:03:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DB7F 3 KB
580 B 28ms
15ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 15:53:42 GMT
server: ESF
date: Thu, 30 Sep 2021 16:14:15 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 16:14:15 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DB7F 2 KB
3 KB 51ms
7ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 15:01:12 GMT
x-content-type-options: nosniff
server: cafe
age: 4383
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Fri, 01 Oct 2021 15:01:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DB7F 295 B
777 B 50ms
6ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 6186
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Oct 2021 14:31:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DB7F 0
0 31ms
15ms Image
text/html 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOuw7GYfPhgE5pEeUl0Kk6Ct4VgQKZ8JCC8HXaILn8UtybAuOtAj3mdtqMPyVcnCYV10QqUgJpbGXqFRF1JF9VXFERtA
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DB7F 0
0 32ms
32ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdM25V-JVYZTlEs3f3wPKhYjwCq_S2v9km_Kp_eINgau1iJQOEAEgwsCueGDJBqAB7JLy9QPIAQHgAgCoAwHIAwqqBKkCT9BDg2eX2oXPdO02qrcXvA0O_J7MW9qCzVe_UIpgKmFnLPavyvHXmkeGxe9eSR8RZP7MYjeHhPS4fetMqN_qKrvlXd0IH3qJmCs0tZ-DLB7K2Tkp5rL7aJxEjzvhs4kc1m-ioXNa76P9fz-Jgah56JIpVQlwkg-hajP78gPbCYad4dWmuiQQKmLEbntgVzP3jg82CUxibIGaX9b0px8W_AyWCgVjzcaBqdUts2KJRYVuz1fU6-dpGRsKXErXKUs4GIM-8-kDf-C0InWbZBHVh4mq50WTTGSTe4Un1O4JChyxFthF-51QNl6VujgH8IliNj9pqh-TOwTXdsDIsBF8_yXWjzedwhtrSupO4RNewkXRpLXDdfuUgms7kpoh1u4fvY7MXVm12SODwATz5OH3xAPgBAGAB_zsjQqoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEKDwINIIBwiAYRABGB3yCBthZHgtc3Vic3luLTM4ODQ2NTk2MDY5MjQ2MzmACgPICwHYEwOIFAHQFQGAFwGyFx4KHAgAEhRwdWItNjA1NTg4MjA2Mzc5NTM0ORj963I&sigh=vSkA53mMFvU
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DB7F 11 KB
9 KB 76ms
30ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

eaf42014a755fee1824581397cb92227bf40351f2abed10a825afa263531759f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8450
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DB7F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6b7ba0d6a6f35e431f54f3ded78874bee00625684020d650b609af9ff133cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DB7F 21 KB
21 KB 8ms
8ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 199810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 08:44:05 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DB7F 21 KB
21 KB 11ms
6ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.westword.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 216358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:08:17 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DB7F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

61ms
40ms

Image
text/html

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 30 Sep 2021 16:14:15 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=588388814616401&ev=Microdata&dl=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&rl=&if=false&ts=1633018455917&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F%22%2C%22meta%3Adescription%22%3A%22Nowadays%2C%20listening%20to%20your%20favourite%20songs%20using%20wireless%20earbuds%20has%20become%20very%20popular.%22%2C%22meta%3Akeywords%22%3A%22Denver%20news%2C%20Colorado%20news%2C%20Denver%20events%2C%20Colorado%20events%2C%20Westword%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money%22%2C%22og%3Asite_name%22%3A%22Westword%22%2C%22og%3Atitle%22%3A%22BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia1.fdncms.com%2Fden%2Fimager%2Fu%2Fslideshow%2F12455300%2Fblxbuds800.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221524%22%2C%22og%3Aimage%3Aheight%22%3A%22947%22%2C%22og%3Adescription%22%3A%22Nowadays%2C%20listening%20to%20your%20favourite%20songs%20using%20wireless%20earbuds%20has%20become%20very%20popular.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633018455405.1535608912&it=1633018454951&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 30 Sep 2021 16:14:15 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame DB7F 0
0

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame AF4A 0
830 B 13ms
13ms Ping
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&e=wqT_3QL7Cnx7BQAAAwDWAAUBCNbE14oGEI2MjMqXj7HEKhgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDDuw5MGOMNGQMNGSAJQ0pH4lQFY2LxaYABoqIF0eMOQBYABAYoBA1VTRJIFBvBpmAHQD6ABhAeoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQD6AQtob21lX1Jlc2tpbooCWXVmKCdhJywgNTYyMTU1MiwgMTYzMzAxODQ1NCk7dWYoJ2knLCA2Mzk3NTI2LCAxNjMzMDE4NBEdLHInLCAzMTQ0NDM5ODofAPBpkgL5AyFXVTAyR1FpbG81b1lFTktSLUpVQkdBQWcyTHhhTUFBNEFFQUVTTU5HVU83RGt3WllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRSG90T3RtWnNMdlA5a0IFFThBQUE4RF9nQWRhOGhnUDEJMCxDWUFnQ2dBZ0MxQWcBIgRDOQkI8ExEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRek1qSGdBOFlzZ0FRQWlBUUFrQVFBbUFRQndRUQFZCQEITWtFCQkBARREWUJBRHgVnShBQUFpQVhoSWFrRgEMAQEQOEQteEId2Ah3UVUBFwkBAE0ZKAxBQURSLigAADIuKACoT0FGQVBBRjZPSFFCX2dGc0k3WEFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRwlZAQEkQ29CZ0t5QmlRSgEODQEAUg0IAQEAWgEFDQEAaA0ITEFBQUM0QmlnLpoCmQEhY1EtOW5BOv0BKE5pOFdpQUVLQUF4AS8NAUw2Q1VGTlV6RTZORE15TVVER0xFaw0bDER3UDE9NABGERgMQUFBRx0YAEcdGABIHRgQSGdBaVEdEPRIAUEuLtgCAOACn_Ba6gJcaHR0cHM6Ly93d3cud2VzdHdvcmQuY29tL3N0b3J5aHViL2JseGJ1ZHMtcmV2aWV3cy1zY2FtLW9yLWxlZ2l0LWlzLWJseC1idWRzLXdvcnRoLXlvdXItbW9uZXmAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO8GeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzIxNi4xMzEuMTE0LjE2OKgEALIEEAgAEAEY0A8ghAcoADAAOAK4BADABADIBADSBA45MDI3I0FNUzE6NDMyMdoEAggB4AQB8ATSkfiVAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4C7aBhYKEAAAiaURAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpAIAAwADi_BkAAyAfDkAXSBw21EAE4CNoHBgknPOAHAOoHAggA8Afo1wL6BxIVJrU2BIIIShUA&s=ec335a8d72628e0c2d369922f071a08533a6b0b3&type=pv&jm=1003&px=-200&py=0&bw=2000&bh=900&sf=0.8&sid=6477346021200486420&vd=ct~0|rr~5&sv=217&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12902894&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.westword.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 16:14:16 GMT
X-Proxy-Origin: 216.131.114.168; 216.131.114.168; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 408d2f71-8943-4f13-a441-2a7d6373d9da
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.westword.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5392 0
182 B 108ms
33ms Document
text/html 54.195.66.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&upid=07ypglr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.66.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-66-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&upid=07ypglr&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westword.com/
accept-encoding: gzip, deflate, br
cookie: TDID=3a22df4a-f91d-4421-aff3-d70de5cc5686; TDCPM=CAEYBSABKAIyCwia98_Cgo6COhAFOAE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/

Response headers

date: Thu, 30 Sep 2021 16:14:16 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 2EA7 2 KB
2 KB 8ms
8ms Document
text/html 13.224.193.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/60bf73dba4d9510011da24c7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-29.fra2.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

:method: GET
:authority: api.pushnami.com
:scheme: https
:path: /scripts/v1/hub
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westword.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/

Response headers

content-type: text/html; charset=utf-8
date: Thu, 30 Sep 2021 15:31:59 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
x-edge-origin-shield-skipped: 0
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: xH33EFov_Hj7AoBTzxw02tYUS7qQvR5OzJ19ZsHxHG5VJxCq4DbV2A==
age: 2537

GET
H2 200 / Show response
js.stripe.com/v3/ 255 KB
62 KB 47ms
8ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1b21163ceb5490c1a4ee8a364ddb42e5803d95c7df4dd8a25cb9fe5cb787c2bf

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:16 GMT
content-encoding: br
vary: Accept-Encoding
age: 268
via: 1.1 varnish
x-cache: HIT
content-length: 62576
x-amz-id-2: w/nDWdRS9n9Y5mnFMSpyWsBdtrqk4cCXGagqK0mpEfS2XFF4QSqsypbDBswo1+iHF5YgNUCIq6I=
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Tue, 28 Sep 2021 19:32:12 GMT
server: AmazonS3
etag: "a1ccb8cc30a0df030afea1cfede79d8f"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: RPPTZHRJZ8CTTEPS
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 132

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/ui/plugin/west-word/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4936
date: Thu, 30 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 30 Sep 2021 16:52:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money&rl=&if=false&ts=1633018456251&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F%22%2C%22meta%3Adescription%22%3A%22Nowadays%2C%20listening%20to%20your%20favourite%20songs%20using%20wireless%20earbuds%20has%20become%20very%20popular.%22%2C%22meta%3Akeywords%22%3A%22Denver%20news%2C%20Colorado%20news%2C%20Denver%20events%2C%20Colorado%20events%2C%20Westword%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.westword.com%2Fstoryhub%2Fblxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money%22%2C%22og%3Asite_name%22%3A%22Westword%22%2C%22og%3Atitle%22%3A%22BLXBuds%20Reviews%20(Scam%20or%20Legit)%20-%20Is%20BLX%20Buds%20Worth%20Your%20Money%3F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia1.fdncms.com%2Fden%2Fimager%2Fu%2Fslideshow%2F12455300%2Fblxbuds800.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221524%22%2C%22og%3Aimage%3Aheight%22%3A%22947%22%2C%22og%3Adescription%22%3A%22Nowadays%2C%20listening%20to%20your%20favourite%20songs%20using%20wireless%20earbuds%20has%20become%20very%20popular.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633018455405.1535608912&it=1633018454951&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 30 Sep 2021 16:14:16 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
224 B 594ms
594ms Fetch
text/html 52.201.77.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.77.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-77-148.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.westword.com/
key: 60bf73dba4d9510011da24c7
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.westword.com
date: Thu, 30 Sep 2021 16:14:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 955ms
751ms Preflight
application/json 52.201.77.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Server: 52.201.77.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-77-148.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://www.westword.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 30 Sep 2021 16:14:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westword.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame BE5D 215 B
513 B 6ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.westword.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/

Response headers

x-amz-id-2: S8RkKjUvGhyt6jQNp1X/lmyOxuVbUxa5ws9BscSg1VAbbCZk8d5SOLq3OIqSzyZ03jB5ntKPgTE=
x-amz-request-id: MQXCB4P55C93DGFD
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
etag: "9475bd26486e6119b23924eebd3d561a"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 30 Sep 2021 16:14:16 GMT
via: 1.1 varnish
age: 267
x-served-by: cache-hhn4031-HHN
x-cache: HIT
x-cache-hits: 652
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 130

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BE5D 1 KB
815 B 6ms
6ms Script
application/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:14:16 GMT
content-encoding: br
vary: Accept-Encoding
age: 267
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: U6vlEoRjCL+1RaaQtZoBcTeYAqWleJHdND9ul1OQvN3N03GHz7lfxY1i/vP+Hw8mxim2SbQIZiM=
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
etag: "01f873d478053c6a0368329ea08f7a10"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 9DA6EEF1DS1V8C2X
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 648

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 625C 932 B
2 KB 66ms
7ms Document
text/html 13.224.193.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-37.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
date: Thu, 30 Sep 2021 16:10:05 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HTD7xGR70iZKgjiUa3W_a-pcfDfKusReUqP6pPiCx2HRxRlsmPYbMQ==
age: 252

POST
H2 200 csp-report
q.stripe.com/ Frame 625C 0
121 B 521ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.westword.com
URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Sep 2021 16:14:16 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 625C 85 KB
16 KB 7ms
7ms Script
application/javascript 13.224.193.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-37.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 16:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Cloudfront
age: 270
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
vary: Accept-Encoding,Accept-Encoding
x-amz-cf-id: mExza4AAAFP2Wa1gJWlRjQIq0XWvaleUIz7UgeeK_UiFwWQbLDY-EA==

POST
H2 200 6 Show response
m.stripe.com/ Frame 625C 156 B
518 B 1446ms
181ms XHR
text/plain 34.215.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-192-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5d8783626c720fef1081adde74e4d8f8a07a35a5928a694409e1c2b28132bf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Sep 2021 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DB7F 0
0 39ms
38ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx-gnV-JVYZTlEs3f3wPKhYjwCq_S2v9km_Kp_eINgau1iJQOEAEgwsCueGDJBqAB7JLy9QPIAQHgAgCoAwGqBKkCT9BDg2eX2oXPdO02qrcXvA0O_J7MW9qCzVe_UIpgKmFnLPavyvHXmkeGxe9eSR8RZP7MYjeHhPS4fetMqN_qKrvlXd0IH3qJmCs0tZ-DLB7K2Tkp5rL7aJxEjzvhs4kc1m-ioXNa76P9fz-Jgah56JIpVQlwkg-hajP78gPbCYad4dWmuiQQKmLEbntgVzP3jg82CUxibIGaX9b0px8W_AyWCgVjzcaBqdUts2KJRYVuz1fU6-dpGRsKXErXKUs4GIM-8-kDf-C0InWbZBHVh4mq50WTTGSTe4Un1O4JChyxFthF-51QNl6VujgH8IliNj9pqh-TOwTXdsDIsBF8_yXWjzedwhtrSupO4RNewkXRpLXDdfuUgms7kpoh1u4fvY7MXVm12SODwATz5OH3xAPgBAGAB_zsjQqoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEKDwINIIBwiAYRABGB3yCBthZHgtc3Vic3luLTM4ODQ2NTk2MDY5MjQ2MzmACgPICwHYEwOIFAHQFQGAFwGyFx4KHAgAEhRwdWItNjA1NTg4MjA2Mzc5NTM0ORj963I&sigh=_lKMcqhco-k&vt=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DB7F 42 B
64 B 49ms
35ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHyZCPVp0S_6b0F_h5LPeJxzwJ4XHWYSwqSX2G52isIsCeGLkMBfm0t704rum4pg_Tw6Fl97cLbOzA0vkpSOd1zfBdSn_1cSVYtWuliHdJZs-vKK4&sai=AMfl-YTb5L8poEqzGUxP89XgKZysGHIdFjOaeiTtkNVwmQ10hkUddpQi-u448im4I061d6ajJnrKGRevDX9_WsnTIb3PEaEVwUDihdUQrU3OcXtJrN2XmqyXQMOOBCzL&sig=Cg0ArKJSzFkmnvspPk8uEAE&cid=CAASFeRokTjJdkSKanswTpNftFelNtG1rw&id=ampim&o=436,1024&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=55&tls=1055&g=100&h=100&tt=1055&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2443741739

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westword.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 16:14:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 02:00:29	Name: NID Value: 511=oV2zd3qpP-Bc5_VJEmQ8FQ5Y2s5Tg5sFtsOKfq918mZcGdVXPC1DVdyAz_oNTCU27SKfdwNxx8mBY5oJLdyp9jzLg7ZxCjuKIr6DXOaeQXmjErfT6T3C1QHPKYEkdkE1E1n0mjJ1EmLv1-p8OTMVaPBP_Um6cAxWKAWQ8p-hdOg
.westword.com/	1970-01-20 15:08:10	Name: _ga Value: GA1.2.556584023.1633018455
.westword.com/	1970-01-19 21:38:24	Name: _gid Value: GA1.2.1132364337.1633018455
.westword.com/	1970-01-19 21:36:58	Name: _gat Value: 1
www.westword.com/	1970-01-20 07:05:46	Name: _cb_ls Value: 1
www.westword.com/	1970-01-20 07:05:46	Name: _cb Value: D1kig2DeY3DiDK9vYG
www.westword.com/	1970-01-20 07:05:46	Name: _chartbeat2 Value: .1633018454974.1633018454974.1.CxTEBdDgVFGNCPsUUIB8tRwpB8wiqc.1
www.westword.com/	1970-01-19 21:37:00	Name: _cb_svref Value: null
.www.westword.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.quantserve.com/	1970-01-20 07:07:12	Name: mc Value: 6155e257-0bc29-e80f9-a6bff
.westword.com/	1970-01-20 07:01:27	Name: __qca Value: P0-253959784-1633018455029
.adnxs.com/	1970-01-19 23:46:34	Name: icu Value: ChgIiORHEAoYASABKAEw18TXigY4AUABSAEQ18TXigYYAA..
.adnxs.com/	1970-01-19 23:46:34	Name: uuid2 Value: 7274894583155433016
.ad.gt/	1970-01-20 15:08:10	Name: au_id Value: 0f32fa9d-7198-4613-83f8-b7bc28386656
.ad.gt/	1970-01-19 21:38:24	Name: au_idmatch Value: {"apn": "2021-09-30", "ttd": "2021-09-30", "pub": "2021-09-30", "adx": "2021-09-30", "halo": "2021-09-30", "goo": "2021-09-30", "ado": "2021-09-30", "ppnt": "2021-09-30", "mediamath": "2021-09-30"}
.pubmatic.com/	1970-01-19 23:46:34	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-19 23:46:34	Name: KADUSERCOOKIE Value: F1AEF9B1-E3CB-4DB0-BE84-730EF7C32B15
.adsrvr.org/	1970-01-20 06:22:34	Name: TDID Value: 3a22df4a-f91d-4421-aff3-d70de5cc5686
.adsrvr.org/	1970-01-20 06:22:34	Name: TDCPM Value: CAEYBSABKAIyCwia98_Cgo6COhAFOAE.
.demdex.net/	1970-01-20 01:56:10	Name: demdex Value: 45348054983310243121754623951852592200
.dpm.demdex.net/	1970-01-20 01:56:10	Name: dpm Value: 45348054983310243121754623951852592200
.westword.com/	1970-01-19 23:46:34	Name: _fbp Value: fb.1.1633018455405.1535608912
.mathtag.com/	1970-01-20 07:02:53	Name: uuid Value: 33766155-e257-4d00-8f8c-c8f045920422
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4eef700031e86ea9
.westword.com/	1970-01-20 06:15:22	Name: pelcro.unique.id Value: dGduaWJub2NmbXNrdTc1MHdtdQ==
.ad.gt/	1970-01-20 15:08:10	Name: last_seeng_hosted Value: 1633018455579
.ad.gt/	1970-01-20 15:08:10	Name: g_hosted Value:
.ad.gt/	1970-01-20 15:08:10	Name: last_seenadnxs Value: 1633018455590
.ad.gt/	1970-01-20 15:08:10	Name: adnxs_id Value: 7274894583155433016
.ad.gt/	1970-01-20 15:08:10	Name: first_seenadnxs Value: 1633018455590
.ad.gt/	1970-01-20 15:08:10	Name: last_seenpbm Value: 1633018455594
.ad.gt/	1970-01-20 15:08:10	Name: pbm Value: F1AEF9B1-E3CB-4DB0-BE84-730EF7C32B15
.ad.gt/	1970-01-20 15:08:10	Name: first_seenpbm Value: 1633018455594
.facebook.com/	1970-01-19 23:46:34	Name: fr Value: 0DHUlL6V8W6OxeAj9..BhVeJX..GFV.1.0.BhVeJX.
.doubleclick.net/	1970-01-20 15:08:10	Name: IDE Value: AHWqTUm_yCsDrk3VBFKXytcIvRwfx-UZYNdAC9K7R_1y1vwKQ6M2hS-libZWIpIsaCA
.westword.com/	1970-01-20 06:58:34	Name: __gads Value: ID=a4b71591b353a2c8:T=1633018455:S=ALNI_MbAMJsh9GpH24TjcHEnX57FatCqJw
.ad.gt/	1970-01-20 15:08:10	Name: last_seentd Value: 1633018455595
.ad.gt/	1970-01-20 15:08:10	Name: tdid Value: 3a22df4a-f91d-4421-aff3-d70de5cc5686
.ad.gt/	1970-01-20 15:08:10	Name: first_seentd Value: 1633018455595
.ad.gt/	1970-01-20 15:08:10	Name: last_seenmediamath Value: 1633018455597
.ad.gt/	1970-01-20 15:08:10	Name: user_id Value: 33766155-e257-4d00-8f8c-c8f045920422
.ad.gt/	1970-01-20 15:08:10	Name: last_seenadb Value: 1633018455597
.ad.gt/	1970-01-20 15:08:10	Name: adb Value: 45348054983310243121754623951852592200
.ad.gt/	1970-01-20 15:08:10	Name: last_seenpulsepoint Value: 1633018455686
.ad.gt/	1970-01-20 15:08:10	Name: uid Value: BEmP22HPMgu2
.ad.gt/	1970-01-20 15:08:10	Name: last_seenhaloid Value: 1633018455804
.ad.gt/	1970-01-20 15:08:10	Name: halo_id Value: 0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 15:08:10	Name: first_seenhaloid Value: 1633018455804
.doubleclick.net/	1970-01-19 21:37:02	Name: DSID Value: NO_DATA
m.stripe.com/	1970-01-20 15:08:10	Name: m Value: 1f509b60-8669-4669-ba58-495ac83d28aeb49624
.www.westword.com/	1970-01-20 06:22:34	Name: __stripe_mid Value: 9dd4c8f2-15f0-4859-944c-1eb67412c548a53439
.www.westword.com/	1970-01-19 21:37:00	Name: __stripe_sid Value: a4c884aa-2da8-4a52-8ea7-58caef484cbec613f9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.westword.com/storyhub/blxbuds-reviews-scam-or-legit-is-blx-buds-worth-your-money Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15fb7196f36346d928997189667c5bdf.safeframe.googlesyndication.com
a.ad.gt
accounts.google.com
acdn.adnxs.com
adservice.google.com
ams1-ib.adnxs.com
api-location-prd.pelcro.com
api.pushnami.com
apis.google.com
aufp.io
bh.contextweb.com
cd.connatix.com
cdn.adnxs.com
cdn.ampproject.org
cdn.jsdelivr.net
cds.connatix.com
cm.g.doubleclick.net
connect.facebook.net
crcdn01.adnxs-simple.com
cx.atdmt.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.pelcro.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
media1.fdncms.com
p.ad.gt
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixels.ad.gt
platform.twitter.com
psp.pushnami.com
q.stripe.com
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
ssl.gstatic.com
static.chartbeat.com
stats.g.doubleclick.net
sync.mathtag.com
syndication.twitter.com
tpc.googlesyndication.com
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.google.com
www.pelcro.com
www.westword.com
tpc.googlesyndication.com
104.22.9.88
104.244.42.72
13.224.190.164
13.224.193.27
13.224.193.29
13.224.193.37
13.225.85.149
13.225.87.46
13.225.87.62
142.250.184.193
142.250.184.194
142.250.184.238
142.250.185.170
142.250.185.194
142.250.185.78
142.250.186.130
142.250.186.162
142.250.186.65
142.250.186.99
142.250.74.193
151.101.1.229
151.101.130.137
151.101.192.176
151.101.65.108
157.240.236.1
157.240.236.12
157.240.236.35
172.217.23.100
172.217.23.99
172.67.72.250
185.29.134.248
185.33.221.15
185.33.221.87
185.33.221.89
185.64.190.80
198.148.27.140
2.18.232.130
209.104.5.204
216.58.212.173
3.232.164.179
34.215.192.98
34.216.108.96
35.167.53.177
35.190.88.7
35.84.44.29
44.241.125.95
52.201.77.148
52.213.161.66
52.35.10.191
54.186.23.98
54.195.66.206
54.208.153.186
74.125.133.156
76.223.111.131
91.228.74.134
93.184.220.66
010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
107e4ac9be55ac296c7bbb823159b4a1b7b640d10b05b94e343de3b717b10559
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689
131911bf220ea99b0c5cb656841224dba94da7314169f3069ccac0815bc9e0df
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
14d6fa0add72b520785550d10a22373d383420fded6809a4b1f6f584d094c430
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b21163ceb5490c1a4ee8a364ddb42e5803d95c7df4dd8a25cb9fe5cb787c2bf
1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5
20de6d868da34f858f29c591051e6a090968af31da2519ea6ea28183e41430a7
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb
398dc6dbd96011b1221e4ae2d74302edf250d806c06bc696701a2dcb63d331ba
415c2848aa4a274a1e80af7986607cd96b1a43c198978a97a639e258f0b195b5
42b4eb7693522f770247be97697ee3a27358daf6773ee69c62c6066a75f0c78f
48e66e73048706fa4d36d4b10033b268c63408c0304395f11ef661a278c403bf
4cdf8ce1a03cd874932cf9f0906a8b37ee52dae75b7005a134668c4ad58b34b6
51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e
51809bc55f512c21a3829627405dfec8796820392303908a9e011691de6f79f7
51a355369e2fc35abcef63af6cafba01bb509d5b48c7772cc862eb11cd2e2d6a
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557cbf5d2d2979926354eca107f2156e627889e3e98ada83e9308726e61a7bc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
574cbb5df8111bd7200b1ab17b0f2669125460257e2d642af3b7b1c1e0ab50d7
5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c
5d8783626c720fef1081adde74e4d8f8a07a35a5928a694409e1c2b28132bf4a
5df15388f38138769e22903a5eef22c8a94b9ddaf0dbe3e47bf0819b0cb9f6fe
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6a2392c64018794b7a9c85180eacdebc6457b7e852105ccd92b926abba1be99c
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
7695feb46c048dd3913799f3c10f10370f4061341634c109ae4f267752183203
776e3f7f770c1c414b69c57f91f258130ed20df76287d4ee2c6930792110fc75
7c52965e97e25fc384a2d740f9b558186a6da55dafa480fdae5f29225b9721dc
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80136a428f627348936afc65e6c19de8f3d9a5da7878d19fe778cc9e16f7f4ee
845ad1f6dd26f9bd5032286802bfd921280c23a41ef4abd7d7ae055f3088a651
84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fb6be382fc0265c274be5e74b0daa523ced214f6edb94616b974411a8a62b4b
9394db09c7d923e754846eb13c2c5178ba4cdb990a0e7c687b02cc1028e9c242
954e9241dcd1269c38f5260b6adabdec38b82f7e50fcc891acc296023064ddff
97f7faa2ee762c27231fa4098d9a9cb5e6fddbd28e1d7e4f06ce9c095f15480f
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
9cfd33c901ea82fe2dcea630488f62cf84f7ba8a4b32381a28fa582a2e198e9c
9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c
9fb64345d71f4c06846abe03f864274565b24fea10d791e4d20ba60b0963076d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23b89b99b70efd3ae455b60bbf63a6dfc26b21e84656adebe0c7c5aa8eaa1c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73eb3a275137c862b8aede37f767fb8878199c38388c804d40811205fb3b396
a87537ab1c7129d0dba8d97195cf16c52600abbbe587d778f8a6d7baf920bd02
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b332ac60714bc69c5f411267b8cd63190e8a82b17b552d7c85aa9d796edba2af
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
bba2ced9f2c1f257195ebcb6d968f122be0d3fbd042fb1b7e66d256a9cda09d3
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d450cb09bfdfb2712a08158c7afd6863c616dadfb632023199c75b75782c23d6
d481f52563ae2cab5c225e85547eb4153063c7c7644bdaf85eca3544c4b6791b
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d6b7ba0d6a6f35e431f54f3ded78874bee00625684020d650b609af9ff133cc0
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
eaf42014a755fee1824581397cb92227bf40351f2abed10a825afa263531759f
eb26636217a6040ddf9847d9fb9a295fef58191e79a0b9017086def9e1862680
ecf32f821406c4ea8743f386c0ea445866ccbc17b3b3eca6a70ac6ba5427b7c8
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1282f636c15cbfddf8ab93ae34e6befffdc3c396df9cc7cca02e0475aa6753c
f1a2a8bbd510228f26e4779d13f67de744989296ce46237f6141264b04f77028
f217bbae5732034eaf08f67f2c4ce3d6ab6f8cfb6c178a30521ea0a0ece9b11b
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
fc045e89c97ebbb9db23cf4f70b29e1a7f01f8af8cae5e601c4bc766738ff197
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd55acbe373b8ce45a4ca931775510a3dfa9fd40ec8505ae7291feb7b0b62575

www.westword.com Open in urlscan Pro 172.67.72.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

99 %HTTPS

0 %IPv6

33 Domains

60 Subdomains

51 IPs

6 Countries

4615 kBTransfer

14635 kBSize

52 Cookies

14 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.westword.com Open in urlscan Pro
172.67.72.250 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

99 %
HTTPS

0 %
IPv6

33
Domains

60
Subdomains

51
IPs

6
Countries

4615 kB
Transfer

14635 kB
Size

52
Cookies

131 HTTP transactions
4 data transactions