journalrecord.com Open in urlscan Pro
18.155.145.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Submission: On November 11 via api (November 11th 2022, 11:46:06 am UTC) from US — Scanned from DE

Summary HTTP 272 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 52 IPs in 4 countries across 36 domains to perform 272 HTTP transactions. The main IP is 18.155.145.111, located in United States and belongs to AMAZON-02, US. The main domain is journalrecord.com. The Cisco Umbrella rank of the primary domain is 457333.
TLS certificate: Issued by Amazon on January 5th 2022. Valid for: a year.

This is the only time journalrecord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10 65	18.155.145.111 18.155.145.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
8	108.138.17.109 108.138.17.109	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	213.174.159.12 213.174.159.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
8	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	100.25.1.9 100.25.1.9	14618 (AMAZON-AES) (AMAZON-AES)
10	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:2600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
5	44.241.209.103 44.241.209.103	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	18.66.112.59 18.66.112.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
17	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9973	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.174.82.79 54.174.82.79	14618 (AMAZON-AES) (AMAZON-AES)
3 4	52.4.134.158 52.4.134.158	14618 (AMAZON-AES) (AMAZON-AES)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.145.152.25 54.145.152.25	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
272	52

65 18.155.145.111 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-145-111.ham50.r.cloudfront.net

journalrecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.17.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-109.fra56.r.cloudfront.net

p814.journalrecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.159.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

analytics.apnewsregistry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3022.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.25.1.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-1-9.compute-1.amazonaws.com

bridgetowermedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb-logs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.241.209.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-209-103.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9973 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.82.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-82-79.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.4.134.158 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-134-158.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.152.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-152-25.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	journalrecord.com 10 redirects journalrecord.com — Cisco Umbrella Rank: 457333 p814.journalrecord.com	781 KB
33	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	252 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	670 KB
19	media.net warp.media.net — Cisco Umbrella Rank: 2279 hbx.media.net — Cisco Umbrella Rank: 1126 prebid.media.net — Cisco Umbrella Rank: 1201 pb-logs.media.net — Cisco Umbrella Rank: 15860	127 KB
16	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4627 api.omappapi.com — Cisco Umbrella Rank: 4846	83 KB
16	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72 apis.google.com — Cisco Umbrella Rank: 98	97 KB
13	userway.org cdn.userway.org — Cisco Umbrella Rank: 4928 api.userway.org — Cisco Umbrella Rank: 4940	250 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	604 KB
9	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6735 router.infolinks.com — Cisco Umbrella Rank: 2500 rt3022.infolinks.com — Cisco Umbrella Rank: 332221	150 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	384 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 725 syndication.twitter.com — Cisco Umbrella Rank: 990	150 KB
6	clickagy.com 3 redirects tags.clickagy.com — Cisco Umbrella Rank: 6532 aorta.clickagy.com — Cisco Umbrella Rank: 1522 hemsync.clickagy.com — Cisco Umbrella Rank: 6019	16 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	116 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1571 in.ml314.com — Cisco Umbrella Rank: 8237	11 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8709 www.google.de — Cisco Umbrella Rank: 5922	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 400	764 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321 id.rlcdn.com — Cisco Umbrella Rank: 540	140 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 715	141 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	15 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	2 KB
2	blueconic.net bridgetowermedia.blueconic.net — Cisco Umbrella Rank: 113779	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	84 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2489 p1.parsely.com — Cisco Umbrella Rank: 1889	21 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 14569 pixel.quantserve.com — Cisco Umbrella Rank: 664	10 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 160 partner.googleadservices.com — Cisco Umbrella Rank: 860	17 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	32 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 712	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4880	2 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 847	642 B
1	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1638	400 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4220 i.simpli.fi Failed	4 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3106	160 KB
1	apnewsregistry.com analytics.apnewsregistry.com — Cisco Umbrella Rank: 670343
0	compete.com Failed c.compete.com Failed
272	36

	Domain	Requested by
65	journalrecord.com	10 redirects journalrecord.com
28	securepubads.g.doubleclick.net	journalrecord.com securepubads.g.doubleclick.net www.googletagservices.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
15	a.omappapi.com	journalrecord.com a.omappapi.com
12	pagead2.googlesyndication.com	journalrecord.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	www.google.com	journalrecord.com www.gstatic.com securepubads.g.doubleclick.net www.google.com tpc.googlesyndication.com
9	prebid.media.net	warp.media.net
9	www.googletagservices.com	journalrecord.com securepubads.g.doubleclick.net
8	pb-logs.media.net	journalrecord.com
8	cdn.userway.org	journalrecord.com cdn.userway.org
8	p814.journalrecord.com	journalrecord.com p814.journalrecord.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	api.userway.org	cdn.userway.org
4	platform.twitter.com	journalrecord.com platform.twitter.com
4	connect.facebook.net	p814.journalrecord.com connect.facebook.net journalrecord.com
4	aorta.clickagy.com	3 redirects tags.clickagy.com
4	www.google-analytics.com	journalrecord.com www.google-analytics.com
4	resources.infolinks.com	journalrecord.com resources.infolinks.com
3	router.infolinks.com	resources.infolinks.com
3	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	syndication.twitter.com	platform.twitter.com
2	pixel.tapad.com	1 redirects resources.infolinks.com
2	apis.google.com	journalrecord.com apis.google.com
2	rt3022.infolinks.com	resources.infolinks.com
2	ml314.com	journalrecord.com ml314.com
2	static.xx.fbcdn.net	www.facebook.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.facebook.com	cdnjs.cloudflare.com connect.facebook.net
2	sb.scorecardresearch.com	journalrecord.com
2	bridgetowermedia.blueconic.net	p814.journalrecord.com
2	www.googletagmanager.com	journalrecord.com
2	cdnjs.cloudflare.com	journalrecord.com
2	maxcdn.bootstrapcdn.com	journalrecord.com maxcdn.bootstrapcdn.com
2	fonts.googleapis.com	journalrecord.com a.omappapi.com
1	hemsync.clickagy.com	tags.clickagy.com
1	id.rlcdn.com	journalrecord.com
1	idsync.rlcdn.com	journalrecord.com
1	cm.g.doubleclick.net	1 redirects
1	in.ml314.com	ml314.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tags.clickagy.com	ws.zoominfo.com
1	www.google.de	journalrecord.com
1	api.omappapi.com	a.omappapi.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com	journalrecord.com
1	ws.zoominfo.com	journalrecord.com
1	f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hbx.media.net	warp.media.net
1	p1.parsely.com	journalrecord.com
1	rules.quantcount.com	edge.quantserve.com
1	warp.media.net	journalrecord.com
1	cdn.krxd.net	journalrecord.com
1	cdn.parsely.com	journalrecord.com
1	tag.simpli.fi	journalrecord.com
1	edge.quantserve.com	journalrecord.com
1	www.googleadservices.com	journalrecord.com
1	platform.linkedin.com	journalrecord.com
1	analytics.apnewsregistry.com	journalrecord.com
0	i.simpli.fi Failed	tag.simpli.fi
0	c.compete.com Failed	journalrecord.com
272	62

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
subscribe.journalrecord.com
photos.journalrecord.com
instagram.com
store.journalrecord.com
realestate.journalrecord.com
classifieds.journalrecord.com
publicnotices.journalrecord.com
www.tulsawinterfest.com
digitalservices.ap.org
hosted.ap.org
bridgetowermedia.com
books.lawyersweekly.com

Subject Issuer	Validity	Valid
publicnotices.neworleanscitybusiness.com Amazon	`2022-01-05` - `2023-02-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
f073.pawhiskeyfest.com Amazon	`2022-09-22` - `2023-10-21`	a year	crt.sh
	`2021-05-21` - `2048-10-06`	27 years	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-26` - `2023-10-25`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
a.omappapi.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
api.userway.org Amazon	`2022-10-02` - `2023-10-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
ml314.com GTS CA 1D4	`2022-10-17` - `2023-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Frame ID: 7C7F13B3D43F655715C46FC9A48161A6
Requests: 199 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUJ112MK&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1
Frame ID: 5338DFBE7ED1617103F50BAD53BBDE76
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?href=https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/%20&layout=button_count&size=small&mobile_iframe=true&width=86&height=20&appId
Frame ID: 9727BDDAA1891A264B28F4DCFFFD71F5
Requests: 3 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3268076&wsid=0&pdom=journalrecord.com&purl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F
Frame ID: C1C0D1A313E2997DE2AAB3861524ACF8
Requests: 1 HTTP requests in this frame

Frame: https://f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: E769A9C8459AD610E989F4909E017B3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 953A2DDDDAAD1383D4D0BFD4195B496A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki&co=aHR0cHM6Ly9qb3VybmFscmVjb3JkLmNvbTo0NDM.&hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=standard&size=normal&cb=wmpzcoog0myl
Frame ID: A4D3598265F742B0EA7B926D060FA970
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlXsoWEuwK_TIgaHbIJaq7AUO6iS8LH7E_qN4Vra8SLtu2sBnKBHNIqbRNYyUE48XJGolp87dVsZvZ0TAC4qwHiveqljMngAlQW6tVwiAh7eeAyOk1AUOzg7rl8BqPqtsAm_o3q3IWOgaojraZGhNRasJq1IwRITkNP4uRA36W4mXAE0say1hYZ2NL4wazX_ngwhsVZiX-qDTQqihe5H3ElxGxM4xpeSZ7m2XZgSvxinFX-ThmcILRHq3YZvAVYfpfXoiIOZ_5Vj_am3XwtH3dXW0fC88BA3vdd0MjQJ0DvdLf0GhR57ggwRvhtof2U-ag_IOymKI&sai=AMfl-YQzz7OyqDUf1CRXvN2VRMbjdwh8crqrVuZCGOIPfVmnQSj5XWJMKftFvH_wlm1OEpGqbM7feT-z4noj359i-i7_GgAwMY_b_AJiY5ZDkFMP32ZtC30URTnKSGQXwvnj&sig=Cg0ArKJSzKZV4qMiuTZIEAE&uach_m=[UACH]&adurl=
Frame ID: 4B65F06A31714AAB7258E7D6089C3430
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8u6Q3SgMzUXn0Nck3M5RPVWLJ-F06syUnuuAh6opEoneKxhqFFfhAKf7hinwFpFLUyhyFkuUGfVSwrFitHdNuxfqJhRuqzDT2nLdINXDJOVknoX-q2L_HnbfRgN2LjgLNNyB4GKIJMbBvWdMCcWAPaUBAJHaJ3a-fFEXKfr85NoSafB5-dk17ssDd04lxuwarRqxTbi88L1widwr3JCQ1VJUfqKDBdld4wPuaC6swfYkA2nY30ZmLg3q8DOcpvsNxO0Qfs9lp0PVYrRoEFdNpYgCKGhDn4q8lTta4c141eo2q-o1we2dXF1gdB1AKKqps06zpZB4xNyau4GmQ8bIg-dxZBA&sai=AMfl-YQk4pA21cwZQeaYi9PbSvkvRSY78gw_zxVM9EckalkexrL0VcR9biucsJ7Pc2c9HIwbps8AfyZiMRqKyeCPO9odqtGnZdt4pRW3V8HTAM2edBFmEW187huPqx6ZMNwzgA&sig=Cg0ArKJSzKq2E1Rauqu1EAE&uach_m=[UACH]&adurl=
Frame ID: CA949F4BC62555BA15C7B02345B77344
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzGnOUPXzL4pqMSW58c9FWTs-cVoGf3CtFBXeUIVJwmjQOCOWCdSS3nbJ_kQ7hHTyAcYsr8ewyHE6VrZ3CmvxP0HdCFSVv-rTdzBd6EVYcaDf92cnRqNStCd7Df9lampdmk8On9Jo2JPtWDioAOUUW-0ClzA0f1GGadv1scG4IZV58AZDHy6QgKNp4MylIkH3UCIYn-qf7cDL5Er_2Eycgt3F13vZ4O3nijEzJ1n-9l7sgolnsJrGOKPdRgRdYS1j-whtqYmYm3qVrOg-t5zWCysBWHVdCWICSS9c_x28Qe4KlRlhMLKufDWIDclnEjaQTPmNpgpU&sai=AMfl-YT2GiVh1o-dlzmH4TEsA1tUtwOQLetjM1a8mFFzCaI5xvnW_sr2s6i428gXpOIVdXlnDATLsNx8oPV_FY1maXo8E1UkqW1HFpvtPZE42n9RT21XPOab3xN_jbX8rdTZ&sig=Cg0ArKJSzC1_ztps4PZFEAE&uach_m=[UACH]&adurl=
Frame ID: 4B077B55373B07B17172DAEC6163699E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxccWUkJ2cUzU7ZU9DPOerQw13Uehx5P3SyBvqBsYrFH1A7FONifnDzbR6E-BjHlm2Fqma0EnGftNW7QbzY-gA4WnSK7um3WqKAVr9IbGjELXARJr-6rzFDENN0ohuJlElcKk0c5T91zAcRNKjDO3rmrpsiTxNHA0vlHLUf2GUvDl82VnEKayNHv7LXYOpiEBLOF0Jv6DETlepuOZ0z9wDVYLS6ds6-WtOoSU-SuiMubdsbCLCtR1JJvj1z91-LHiYIlbF5CxUHv5VZ0i6Z7aTB0-0_1iUqM0QvotkrkmYB2avTHNiHLJVqbHNG0AVcUiglunjf4c-DiTpMSKVdrs&sai=AMfl-YTvBr76oNMSiW3jDOiFK06TdZunPMWyDeYu4kQYyAfzzxlOGJw6I2nhhbQF7Dp1a3hoWIgLhXHeYj6q9eVTxhKOQC8W9NYJZM3xkRjkJnWU3OQcub544L-QWUR6N1YHSA&sig=Cg0ArKJSzPsoCYikOPKmEAE&uach_m=[UACH]&adurl=
Frame ID: 197265249BFAA785252B802A5AA031CE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4331931166610770&output=html&adk=3046330955&adf=2044148826&lmt=1668167159&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668167159427&bpp=5&bdt=2371&idt=496&shv=r20221109&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D50eeff8a79e9481e%3AT%3D1668167159%3AS%3DALNI_MYDLiOSuLhavB7FUyAlb3zgmmIUZA&gpic=UID%3D00000b7fb4ee9372%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MYnfuISv6RpbfKoz7fOhKiD7Gb49Q&nras=1&correlator=4424441814628&frm=20&pv=2&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774648%2C42531706%2C44775016&oid=2&pvsid=3174055483526761&tmod=205606318&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=516
Frame ID: D67A764CC4D5FDFFF14E59ED0A7E4AD5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbuLM9--4xN9WR_P2-YYyOHbiimvuvaQbbQHmvq6vLT1djeswhU1IYA-VGH4KiUTkgkEJ65MRddK_tTlKDDcSvnaZ7zD-rchyywCvadiHrE-J9SoX34FnWGju2zjpM_zYvkh1STUD4LvFb6d1-cK-Da7-4Qc8X-tL7NQxk_KmaptANszF7oFQddzGn9M2pknzb8hiK8zCSz2dXcrpzVJMvoX5cFQR27vqNxN07JMuHD1bSL8qSoAD3GwuQAPFnIZI913cugPHSbr-1xFaILrt7lPMMiBbdbdLXTKlXDCdBbyXeRgaDhZN7AqjuPXT2yPKtZ5FAFTQ&sai=AMfl-YSIHeoLSo4039zzShDrCz6jp1bekkHybC8XYYw-EMU7_tLAFBvnZUOamE9P7opJUDTxgGO6_6z7hWzdj-xbdObB5p1jZwIXzjgyE1Ncbd67LBGXP078IU_z6eSkvJc7&sig=Cg0ArKJSzD4hFhRYw-r9EAE&uach_m=[UACH]&adurl=
Frame ID: 3986C76BD265B1DBA7FA3C1EEE4760B5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt4ffVqtu0gkydp3IH1r8tITZpE5OqBp4AjeGiNGDzjcG_bGhVS6qRv7BqoG5jVBBU2gyZpQ3HqN03uYB-bupLyRjxm0-jTDV2VAxOaxiJjcVhjGsQIb8AprH_VpjDHJQos2tsny6ZpZzZ3W8-uFSvP-9PC82dgC0w4MghIc_yhuf0op5deduwtuqjmnDFGoNx_dE1AmF56nSZkxBVxCoTvaTKG_6DxWgE7QPGVTgHdK96OpbdaF_N1Um1TJEs2TwPj0vjVBatcfFL13pC3Ize4M3p6jvY2ZrV3fZoh8TXHRiJUv_0KcGVE5jkDBNOfI0evAvP3x5Ni-y8weOj-3QUoGJKnw&sai=AMfl-YRTXSaO9SgnFN7nA3f9Nu5R6PR62a8EtWqTut2H4mQcNq1LlUj1a1jyjTnjdhSoem_JvZDRObZ5-7ngcnLelJf4t7sdpWR0FP1MigOb56cgvjWgnm1tpBsCAFq5h0vz&sig=Cg0ArKJSzMP8zhxha-SyEAE&uach_m=[UACH]&adurl=
Frame ID: 3FB5C9DF55472BA20C62B970A69860BE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxpRjro-Tk99YWxjoh_QZXM7irf42V7vem1Eqh6jjBdzT6fws2jla0Ie2gBuULuQoiC_eOJzKV2XLv-ln4Tio_DWhteVpjP2pOhdEWRtseEStjyR9kWF0jYYiZGYOSRw88r0SV-rLKLuWt6M_Y46L6F6Xvd_liTas1PMxieJOXQVstsCDAUd4llasuhe5o7P_gHwefyP63CZzEQ1KMC3OOJ5CIQQYR7apC_jOvmvJaLSXZsEozv10tePDL3cZfqHqmpkqOlU2LUydvvGt7iQMxEMc7FWFRSccOAU95zYd29I7dPwxWBQ6RW8P1FkzaPm_Sw4MQwj6OTcBfiwX2WjAjuZZhNQ&sai=AMfl-YRYAvrZrEY-TbQVnY7MrBl2RQnvMHmnispO2jgrd68X3B4n5IjFromht0Te3kC0Qu2j1VzYzkXUVA3GLOnSWTadz9glkgtGMElxF_Zj9XH-0J9dh6FUgwxkoAHBIvRi&sig=Cg0ArKJSzJP3J30CEN70EAE&uach_m=[UACH]&adurl=
Frame ID: 6F80D6B708FCAB7EF5791DDFFD8C1FB2
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki
Frame ID: 6875C7FB9C568C543991E8E9C73A2A3C
Requests: 3 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: CA1C4243CC29D6F0D2F99997F2B7C2F0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21c56015605a34%26domain%3Djournalrecord.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjournalrecord.com%252Ff265ef3ad791ec8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
Frame ID: D8A49C3200134D447A1C85C6CD15E090
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fjournalrecord.com
Frame ID: C18245D2B491A2F022ABB73413C1BB0C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCB386CCA617CCA56EED9064C927BA41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3BEBEDD58C4339A3CF8E9FF1C914B66
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
Frame ID: A10B78265D6BD7DFDB50DC7BF772930E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arvest Winterfest to mark 15th anniversary | The Journal Record

Page URL History Show full URLs

https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary HTTP 301
https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

272
Requests

94 %
HTTPS

54 %
IPv6

36
Domains

62
Subdomains

52
IPs

4
Countries

4272 kB
Transfer

11498 kB
Size

34
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/journalrecord

Search URL Search Domain Scan URL

URL: https://twitter.com/journalrecord

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/the-journal-record

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/JournalRecord

Search URL Search Domain Scan URL

URL: https://subscribe.journalrecord.com/

Search URL Search Domain Scan URL

URL: http://photos.journalrecord.com/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/JournalRecord
Title: Video

Search URL Search Domain Scan URL

URL: http://instagram.com/journalrecord
Title: Instagram

Search URL Search Domain Scan URL

URL: https://store.journalrecord.com/
Title: Marketplace

Search URL Search Domain Scan URL

URL: http://realestate.journalrecord.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://classifieds.journalrecord.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://publicnotices.journalrecord.com/
Title: Public Notice

Search URL Search Domain Scan URL

URL: https://www.tulsawinterfest.com/
Title: www.tulsawinterfest.com

Search URL Search Domain Scan URL

URL: https://digitalservices.ap.org/rss/journalrecord/25323176232d6b21a710e20172fc0ccb/latestbusiness.rss

Search URL Search Domain Scan URL

URL: http://hosted.ap.org/journalrecord/article/0047fe1730d70277484634a6ec9b7a91/twitters-gray-official-labels-return-some-accounts
Title: Twitter's gray 'official' labels return for some accounts

Search URL Search Domain Scan URL

URL: http://hosted.ap.org/journalrecord/article/9c15e24b280fe9c65f4f0c3ab4febb2a/election-support-abortion-rights-was-about-much-more
Title: In election, support for abortion rights was about much more

Search URL Search Domain Scan URL

URL: http://hosted.ap.org/journalrecord/article/e2cd525389eb17bf5201fa0fcbabdbf3/dubbed-torture-id-policies-leave-transgender-people
Title: Dubbed torture, ID policies leave transgender people sterile

Search URL Search Domain Scan URL

URL: http://hosted.ap.org/journalrecord/article/82eb85980ec714d1ca9f5edbd513ae7e/japan-vies-last-chance-major-global-chip-producer
Title: Japan vies for 'last chance' as major global chip producer

Search URL Search Domain Scan URL

URL: http://hosted.ap.org/journalrecord/article/9c9eff68c04d399ca6fd0f546d2c0804/australian-pm-wants-ask-chinas-xi-lift-trade-barriers
Title: Australian PM wants to ask China's Xi to lift trade barriers

Search URL Search Domain Scan URL

URL: http://bridgetowermedia.com/privacy-policy/
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://bridgetowermedia.com/ccpa/
Title: YOUR CALIFORNIA PRIVACY RIGHTS/PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://bridgetowermedia.com/cookie-policy/
Title: DO NOT SELL MY INFO/COOKIE POLICY

Search URL Search Domain Scan URL

URL: http://bridgetowermedia.com/subscriber-agreement/
Title: SUBSCRIBER AGREEMENT

Search URL Search Domain Scan URL

URL: http://books.lawyersweekly.com/
Title: LAWYERS WEEKLY BOOKS

Search URL Search Domain Scan URL

URL: http://bridgetowermedia.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary HTTP 301
https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://journalrecord.com/files/2020/01/OKC.svg HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2020/01/OKC.svg

Request Chain 34

https://journalrecord.com/files/2022/10/Woman-of-the-Year-2022-thumbnail.jpg HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/10/Woman-of-the-Year-2022-thumbnail.jpg

Request Chain 35

https://journalrecord.com/files/2019/08/e-Alert_Sign-ups_OKJR-1.png HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2019/08/e-Alert_Sign-ups_OKJR-1.png

Request Chain 36

https://journalrecord.com/files/2022/07/cannabis-webinar-thumbnail.png HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/07/cannabis-webinar-thumbnail.png

Request Chain 39

https://journalrecord.com/files/2020/03/btm-white1.png HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2020/03/btm-white1.png

Request Chain 73

https://journalrecord.com/files/2020/12/PartOf-BTM-1.svg HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2020/12/PartOf-BTM-1.svg

Request Chain 78

https://journalrecord.com/files/2022/11/drtcphoto.jpg HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/11/drtcphoto.jpg

Request Chain 79

https://journalrecord.com/files/2022/08/Commerce-Bank-art-for-September-2022-native-content.jpg HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/08/Commerce-Bank-art-for-September-2022-native-content.jpg

Request Chain 81

https://journalrecord.com/files/2017/07/Brinkman-Lillie-Beth-70x70.jpg HTTP 301
https://journalrecord.com/wp-content/blogs.dir/1/files/2017/07/Brinkman-Lillie-Beth-70x70.jpg

Request Chain 223

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozNzJkY2M1M2VhNjkxMjdmMDZjNWI4YmFiOTA0MWY5NA HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEGiU3zg0E2QlxLVTcCGJYF8&google_cver=1 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:372dcc53ea69127f06c5b8bab9041f94

Request Chain 224

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

Request Chain 257

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=bebfd275-c251-4825-8522-b83edf488e86=&partner_id=3337 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=bebfd275-c251-4825-8522-b83edf488e86=&partner_id=3337

272 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Redirect Chain

https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary
https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

151 KB
35 KB

6286ms
6284ms

Document
text/html

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx / WP Engine
Resource Hash: cc0b53c6efef7a5a5dc52d0cbf7db98d5d0708c093b1aec380497e7f5a9197d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, no-transform
content-encoding: gzip
content-length: 34366
content-type: text/html; charset=UTF-8
date: Fri, 11 Nov 2022 11:45:57 GMT
link: <https://journalrecord.com/wp-json/>; rel="https://api.w.org/" <https://journalrecord.com/wp-json/wp/v2/posts/691784>; rel="alternate"; type="application/json" <https://wp.me/pbhaVv-2TXO>; rel=shortlink
server: nginx
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
via: 1.1 f9e7fd4b74156e78a449b2e846941478.cloudfront.net (CloudFront)
x-amz-cf-id: irN5kAABmupFQMbqe_LZaHs8vnLh8rJ4SOhMbY4oAsm9sfGgODsNtg==
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
x-cacheable: NO:Passed
x-pass-why: auth
x-powered-by: WP Engine
x-zephr-cache: miss

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, no-transform
content-encoding: gzip
content-length: 1362
content-type: text/html
date: Fri, 11 Nov 2022 11:45:50 GMT
location: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
server: nginx
via: 1.1 f9e7fd4b74156e78a449b2e846941478.cloudfront.net (CloudFront)
x-amz-cf-id: 10HxX3bc2EIyxlDBFO0z0xD7--D-BGpJ5kjQhEjdB2HoAPMUKyzq3w==
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
x-zephr-cache: miss

GET
H3 200 style.min.css
journalrecord.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 14ms
14ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w996GXhszLBtg1rct3YnCkYlRmwr0zUrWTPQBKMINuY_s4rPaNWQiQ==

GET
H3 200 mediaelementplayer-legacy.min.css
journalrecord.com/wp-includes/js/mediaelement/ 11 KB
3 KB 21ms
18ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: V21PELmjlIXJZyuPdr7ABddEqeYMCMYDEbdep-PfKZBqayBnRtUGRQ==

GET
H3 200 wp-mediaelement.min.css
journalrecord.com/wp-includes/js/mediaelement/ 4 KB
2 KB 23ms
20ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vJKSEvj-tGLCnAmFM2eiMnLPpcg7C-JizQ5umH15uExSv3BD7WwaPg==

GET
H3 200 cookie-law-info-public.css
journalrecord.com/wp-content/plugins/cookie-law-info/public/css/ 3 KB
2 KB 22ms
18ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 10:33:02 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _ysnny-qNI3jHdgiYyZq4kOsjM5rFD4EIOGYGM5ZK7i-LvnuKsP9Pw==

GET
H3 200 cookie-law-info-gdpr.css
journalrecord.com/wp-content/plugins/cookie-law-info/public/css/ 27 KB
5 KB 24ms
21ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 10:33:02 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DAdNNW57k8gxXdadc2s4oM91RErXhjYMRGm207BJG_C3_Qzsemyy4g==

GET
H3 200 sponsored_content.css
journalrecord.com/wp-content/plugins/tdc-sponsored-content/ 3 KB
1 KB 23ms
20ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/tdc-sponsored-content/sponsored_content.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 689acc7446c2b71cc1c59b4f0d3c4301b16bfb0ffe7708521d4317212881305f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:24 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iFtR2pwoUMay1YiSO9365g6sUAri-hKewP0YGn-DsrqNC15esuxOYQ==

GET
H3 200 polls-css.css
journalrecord.com/wp-content/plugins/wp-polls/ 3 KB
1 KB 23ms
20ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wp-polls/polls-css.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fcD7stcV0niKIkWmp21M4VvCI5vqsPGCMpfI4sNAHwqdAVUhdgA2Hg==

GET
H3 200 style.css
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/css/ 5 KB
2 KB 30ms
27ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/css/style.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2e42f143b521ff3d7aee29aad2f5ac1c577a5e0be9f50b888054fea78e7a2638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 09:36:58 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JS09BaZRgMAJsoLO7ao5H4x-dkoT9qIzZ1w-x9LYK_KaIDKLKD-sMA==

GET
H3 200 wpsolr-facet-range.css
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-range/ 0
607 B 24ms
21ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-range/wpsolr-facet-range.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1203059
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3_q2d0tm8cknpEGpKRf7JnSGPQqZ02zTQmU-EChqFuVumtc_1w2ufA==

GET
H3 200 wpsolr-facet-color-picker.css
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-color-picker/ 1 KB
1 KB 30ms
27ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-color-picker/wpsolr-facet-color-picker.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: edae14b2f971693076ca3f63df3e728ff340ea6f5424dc9235f9e89c1c89b61c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 09:36:58 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UW8TyooFjgbaLXnd6hCfAyCb_eBn60EPN2OFEp7MReWsc4XlW4FV1Q==

GET
H3 200 style.css
journalrecord.com/wp-content/themes/jarida/ 146 KB
28 KB 31ms
28ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/themes/jarida/style.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: c623a7e42a18eb36dbc01c9842619171ddc28f8eca20a13c348b74d55722f265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 12:02:54 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: K62X-PLSLY-ymqlIt3HieC6aCsROMeikXk41omJai0_L6iFHuUIgxA==

GET
H3 200 mobilemenu.css
journalrecord.com/wp-content/themes/jarida/css/ 6 KB
2 KB 26ms
24ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/themes/jarida/css/mobilemenu.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 43ce99c68e674d72785e3e92f7c40d9c568507e2fc734a573fca330a262620a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203059
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5GURUNOm2gNS8ErfFZ0_UnxIXdBGjB3BzMTNHIgARiITDBts-2iuEQ==

GET
H3 200 override.css
journalrecord.com/wp-content/themes/jarida/css/ 10 KB
3 KB 463ms
460ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/themes/jarida/css/override.css?unique=1668167152
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 9743ce1b7ff4f2cc5f82030854a6df6b72f0369319a6376b9b058c8b005bc100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:57 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 12:02:54 GMT
server: nginx
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1t7PkK39suBgSFfSkVySKQ6sxjcUTVeMEbCzYS52iPm93CeqpMa1DA==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 141ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 11:43:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 11:45:57 GMT

GET
H3 200 /
journalrecord.com/ 9 KB
3 KB 1644ms
1641ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/?display_custom_css=css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx / WP Engine
Resource Hash: b110aa67ac6e01ea6e332196b3c0b736c370272b00298a6d8a7074908296d385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
x-cacheable: NO:Passed
server: nginx
x-amz-cf-pop: HAM50-P1
x-powered-by: WP Engine
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css;charset=UTF-8
cache-control: max-age=0, must-revalidate, private
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AWE1S08Pp0R_b4psxiV4ChKIMV-0XlriOZ5Ov7EYPlz4YUGUfsrlOQ==
x-pass-why: auth

GET
H3 200 jetpack.css
journalrecord.com/wp-content/plugins/jetpack/css/ 86 KB
17 KB 33ms
27ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/jetpack/css/jetpack.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 420033f9eaf95478a450e558f93ae6d7a5ad950c3e78f38832b47f9e2164418a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 10:33:02 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Zte7A8vpz5ryS06DWXuZUQaJlWle3IuNpUqbP7lEr031eMdG6hMJEg==

GET
H3 200 mkt_header.js Show response
journalrecord.com/wp-content/mu-plugins/mkt/ 5 KB
2 KB 33ms
27ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/mu-plugins/mkt/mkt_header.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2e2535658a5b72091fdd916cf8f433710da212e3e8a114c5bd07ed4833e6848e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:22 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sX_e-Bct4a39KJPk3Htl5qZ-Ys83yowDxTq3EMYLTi4wLtWEQQftNQ==

GET
H3 200 jquery.min.js Show response
journalrecord.com/wp-includes/js/jquery/ 87 KB
31 KB 32ms
28ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kd1iHn3bIfpG6BrgAENg4mgScgpVWIkFON8kH4lFSG8d6VrZhPOARg==

GET
H3 200 jquery-migrate.min.js Show response
journalrecord.com/wp-includes/js/jquery/ 11 KB
5 KB 34ms
30ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eAaiyDqeUCE1A2lXi-zAEvIevE34rSAHyOKGVRyCJWvyXmXGb3oLWA==

GET
H3 200 post-ads-after-fifth-script.js Show response
journalrecord.com/wp-content/plugins/asentech-fifth-ads-pos// 514 B
921 B 37ms
33ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/asentech-fifth-ads-pos//post-ads-after-fifth-script.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 7ee2601a50c8ca82b4d73738c6b2381db38ed1e341cfb5dbce38d9ce15132323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:23 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nu9GJLcOphdLsxT1a8aeU_NwIZQZeHwlhwpHBbEeiJL8jAU8XvsGyw==

GET
H3 200 cookie-law-info-public.js Show response
journalrecord.com/wp-content/plugins/cookie-law-info/public/js/ 34 KB
8 KB 35ms
31ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 8c106f968e6dae4cc1049fd8205860cbd57eba3b59803c5688a1f417b57d9b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 10:33:02 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ef3NxwfYQpyrEvFR-DL9nEqkPVQFLvwnTPafV0nUk6cWOoh91Ye-Nw==

GET
H3 200 frontend.js Show response
journalrecord.com/wp-content/plugins/stop-user-enumeration/frontend/js/ 486 B
883 B 34ms
30ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 10:08:24 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qcQW7rNia-tWGa1R_UyyHX26J2fpJCFj5h68abRj95tCPUuZaWjkvQ==

GET
H3 200 google-ads.min.js Show response
journalrecord.com/wp-content/plugins/asn-dfp-ads/assets/js/ 344 B
856 B 36ms
32ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/asn-dfp-ads/assets/js/google-ads.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 4c575d7b5e992646a036af8b95013bffb3b54c8093d6b593219d1b27c550a9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 14:22:52 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:23 GMT
server: nginx
age: 1200185
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: G0bbSLXaeyGmN-oA4GP25lUfSGCUspeE9htjs6YCGFtz2cr5zU_L1Q==

GET
H3 200 dfp-ads.min.js Show response
journalrecord.com/wp-content/plugins/asn-dfp-ads/assets/js/ 3 KB
1 KB 34ms
30ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/asn-dfp-ads/assets/js/dfp-ads.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 90675f40d202b9d230c1e75f8c7a9b7ecea4b95f86b87c609d63a1eeccb1af65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:23 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T0gTbJKtIv6kbBuNRfnC-CIy2dP6UuYdgCfnvnGeJ2lvbJNAJLoqyw==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 80ms
25ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 23083383
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7686c8dc28226901-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 81ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 812678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biKRMGxMVvDv8dmev08NIfLCKEBkZ%2BsExUpBqmpPIpcXqzKVaeMimOKOZh0QnH2MieDaAYaz6qAcIxwAR9anZHcxPzVnSnClIaKRUXkEcrQeHf7S7eHJw2y7zUiVXNwhvER9DEMlLXcw4DZa%2FL7Fy8hc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7686c8dc282e8fd7-FRA
expires: Wed, 01 Nov 2023 11:45:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 156ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f35f1c7530f7024e1bfe728071e547c04bdfff8955d0bfc9a514f10c6dcb6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27315
x-xss-protection: 0
server: sffe
etag: "1390 / 860 of 1000 / last-modified: 1668121631"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Nov 2022 11:45:58 GMT

GET
H2 200 script.js Show response
p814.journalrecord.com/ 138 KB
42 KB 66ms
8ms Script
text/javascript 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/script.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

98a8943f4e5fc8441a2dfc9020e93d9a79af966250ee85e61a3f48a73a7022fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 445
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 42781
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Nov 2022 05:48:14 GMT
server: -
etag: 93e296ded6b417e7e7e177dd6dd18066
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8xp1pRSbqVWU9PYoDqeyiM1J8kEY4CY7GM61aeLL_RlwyQ7lY4lTZA==
expires: Fri, 11 Nov 2022 11:48:32 GMT

GET
H3 200 custom.css
journalrecord.com/zephr/ 4 KB
2 KB 34ms
31ms Stylesheet
text/css 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/zephr/custom.css
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2607dee5a24b3ca771b41354f1f4d0b9be1fded4f5e696ffa08732989c5c552e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:34:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 12:02:54 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xAqN7VlziToOT_SWj1mmXnpIxkivF3igXWMeAgm4Ayjg1dtbuO-YxA==

GET
H3

200

OKC.svg
journalrecord.com/wp-content/blogs.dir/1/files/2020/01/
Redirect Chain

https://journalrecord.com/files/2020/01/OKC.svg
https://journalrecord.com/wp-content/blogs.dir/1/files/2020/01/OKC.svg

10 KB
10 KB

23ms
22ms

Image
image/svg+xml

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2020/01/OKC.svg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 1fd355a27b4594f2f689bc3566c857077f15bfed9da9a08bd5e6e0b06a476b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 12:39:11 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Sat, 30 Oct 2021 05:50:39 GMT
server: nginx
age: 1120008
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8feiCDFIbBhc2gEcqJvJO04wN38x6YfhfRJjNKGaXstImw7TQl0e5g==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2020/01/OKC.svg
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JzBSrIuzEpo7rcnjoDERLnUdefw46d2pZJf2gioIgPqGccCECM0UJw==
content-length: 1333

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 147ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f35f1c7530f7024e1bfe728071e547c04bdfff8955d0bfc9a514f10c6dcb6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27315
x-xss-protection: 0
server: sffe
etag: "1390 / 254 of 1000 / last-modified: 1668121631"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Nov 2022 11:45:58 GMT

GET
H2 404 post-691784
analytics.apnewsregistry.com/analytics/v2/image.svc/OKC/RWS/journalrecord.com/CAI/ 0
0 307ms
96ms Image
text/html 213.174.159.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.apnewsregistry.com/analytics/v2/image.svc/OKC/RWS/journalrecord.com/CAI/post-691784
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.159.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 64ms
7ms Script
text/javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: 88693cc8c9e7e6e4c95ec82563c8c07f3260afa0048fe62c9dce2e3f717e898c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:57 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
server: Play
x-li-pop: prod-lva1-x
x-cdn: AKAM
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
content-length: 163354
x-li-uuid: AAXtL+meJ/SwpnxIWEyplA==
expires: Fri, 11 Nov 2022 12:08:42 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 133ms
48ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92fd05238c68ae5b9427768681489ebd3a4f8569f2deea18c1afc7b7ac5ae574

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 11:45:57 GMT

GET
H3

200

Woman-of-the-Year-2022-thumbnail.jpg
journalrecord.com/wp-content/blogs.dir/1/files/2022/10/
Redirect Chain

https://journalrecord.com/files/2022/10/Woman-of-the-Year-2022-thumbnail.jpg
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/10/Woman-of-the-Year-2022-thumbnail.jpg

65 KB
66 KB

25ms
24ms

Image
image/jpeg

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/10/Woman-of-the-Year-2022-thumbnail.jpg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 99f6c321700a5865609e1b091de162adac6930c417008251e0f69c9857b87a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 12:39:11 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1120008
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 66717
last-modified: Fri, 21 Oct 2022 13:02:10 GMT
server: nginx
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kMwpyZP06hDgNURiM2Gs_aolQZRch7FUc_Gcy4dQziqJu5QUTGRQag==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/10/Woman-of-the-Year-2022-thumbnail.jpg
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QEkrSfXnDHG7H8ICMD50zXW5BhrKx1nrtS8-POdZiNJGGYVh12oV0Q==
content-length: 1333

GET
H3

200

e-Alert_Sign-ups_OKJR-1.png
journalrecord.com/wp-content/blogs.dir/1/files/2019/08/
Redirect Chain

https://journalrecord.com/files/2019/08/e-Alert_Sign-ups_OKJR-1.png
https://journalrecord.com/wp-content/blogs.dir/1/files/2019/08/e-Alert_Sign-ups_OKJR-1.png

6 KB
7 KB

24ms
23ms

Image
image/png

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2019/08/e-Alert_Sign-ups_OKJR-1.png
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: ac926eccf34e61def4839b01b88b0d4cad54e4dfc2151b69f7afaab7880936b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sun, 30 Oct 2022 02:30:22 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1070137
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6335
last-modified: Sat, 30 Oct 2021 05:50:10 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KW0YNIbMKbLWnzj22NYIcux5WCpXLeE8wwopgLox65-kRgw3Cqds9A==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2019/08/e-Alert_Sign-ups_OKJR-1.png
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IZaRSy8Y4dBZncbW53Z6QNp79DRykKYMEjULuPDbdFo6BNEjFn2JqA==
content-length: 1333

GET
H3

200

cannabis-webinar-thumbnail.png
journalrecord.com/wp-content/blogs.dir/1/files/2022/07/
Redirect Chain

https://journalrecord.com/files/2022/07/cannabis-webinar-thumbnail.png
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/07/cannabis-webinar-thumbnail.png

102 KB
102 KB

16ms
16ms

Image
image/png

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/07/cannabis-webinar-thumbnail.png
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: aca647dc91588097e23565df51f2e3e070b31f936407bfcf56238463b6676fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sun, 30 Oct 2022 02:30:23 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1070136
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 103971
last-modified: Wed, 13 Jul 2022 12:32:41 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KO8HXnJR07uBuAP3B_JRbpSTnjJ0zeHTWo58ZvRUIV6XIoXruRkACA==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/07/cannabis-webinar-thumbnail.png
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4qUCo3O_VsO84u8z9eIcZCO_3bKMuaXD5Zi3vI6lq27BNoZs3fDT0Q==
content-length: 1333

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 152ms
58ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

17bcafaa9b8aa4e9a351dd1fade8e49e63ab09fc2653f5b384bb05c8660ff765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16828
x-xss-protection: 0
server: cafe
etag: 8569919312416379547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:45:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 187ms
84ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d4c0357bf2c61209cf355c4a4a6358feb3b645c1c884c8033c6f71fb4a2beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55147
x-xss-protection: 0
server: cafe
etag: 4643084999135936676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:45:58 GMT

GET
H3

200

btm-white1.png
journalrecord.com/wp-content/blogs.dir/1/files/2020/03/
Redirect Chain

https://journalrecord.com/files/2020/03/btm-white1.png
https://journalrecord.com/wp-content/blogs.dir/1/files/2020/03/btm-white1.png

1 KB
2 KB

15ms
14ms

Image
image/png

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2020/03/btm-white1.png
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: aa0ffc128e526f3ab9f3430ffd422bea9b036ebb3d9986bef93387baaf1ca2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 12:39:11 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1120008
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1129
last-modified: Sat, 30 Oct 2021 05:50:47 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ObuXYG-zX6xREakypfqyS-VvRgQPqHVok9bku7M8QbYkYsJZS4VImA==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2020/03/btm-white1.png
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: y48OE2LEBTbeZGKx3Po4PSmExCl0ABt125BZqhITNUeS-hiCikdKPg==
content-length: 1333

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 57ms
28ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47583c4710fe44264d54d741ba58094f458549c6edf67e88661fa8295f219a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:57 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 11:26:34 GMT
server: cloudflare
age: 1154
etag: W/"db3-5ed302988e620"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7686c8e13a5e9bfb-FRA
expires: Fri, 11 Nov 2022 12:26:43 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 25 KB
10 KB 57ms
8ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
etag: "dGMVEkJqMDGUKmTNQCF+Mg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 18 Nov 2022 11:45:58 GMT

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 11 KB
4 KB 49ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 56680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3718
last-modified: Wed, 18 Nov 2020 00:51:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fb4701e-2c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFnWmuU3c%2BpCGeOP9Iv37Nn4o%2BHgLXtOThU3gzNHv5pn%2FGKCABXLP5kpUQNd6frFAwyTxrrjDfQJFpQCYlhURo3aPuW1bPRy7aE1yW0GFKgzpT7LiEM7gK%2FEWXdNUJvurt%2FVj%2FIgd3momabX8fxRwz4f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7686c8e1ee0c9951-FRA
expires: Wed, 01 Nov 2023 11:45:58 GMT

GET
H2 200 674325b0-31ad-0139-a5be-06a60fe5fe77 Show response
tag.simpli.fi/sifitag/ 3 KB
4 KB 64ms
19ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/674325b0-31ad-0139-a5be-06a60fe5fe77

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

4f14794da48c2c865237e999622aa6428d15c201635e4ce223f3175038393208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 11 Nov 2022 11:45:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3101
x-request-id: FyaFMU8zmt026kEDOJOC
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 mkt_footer.js Show response
journalrecord.com/wp-content/mu-plugins/mkt/ 3 KB
2 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/mu-plugins/mkt/mkt_footer.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 98d37ae53e1026f4920286146b3bd513afcf0e5514102a6a3465db9bcf50c8cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:22 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AjvnyG8crEHKhMpUyef3fyARF8_guJT4o5-HsmywCP-hQ8u28tRa1g==

GET
H3 200 interads.js Show response
journalrecord.com/wp-content/plugins/BTMActOn/js/ 5 KB
2 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/BTMActOn/js/interads.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2cbe71751fa590c6d887f70f0561ba4dbea8146fc6b1b2f101ea6ecc1182d356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:22 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uu_Efq2zXzGqsTdi2sCdCq1F7oTgrJIFnNY7DdeYAEFra2mwKsl5cg==

GET
H3 200 polls-js.js Show response
journalrecord.com/wp-content/plugins/wp-polls/ 3 KB
1 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wp-polls/polls-js.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: b7sf4R7aqVCdSite3AXQ_jcSzH6hqxemZxwNY3INIaMZwxVNqCTKKA==

GET
H3 200 jquery.autocomplete.js Show response
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/js/devbridge/ 33 KB
8 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/js/devbridge/jquery.autocomplete.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 93079b8d7b19bc776aca7bf05eea812f3b6e6f85b6fc6babc72d36d0c9f83418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Pf7mXfLve4iCz9nogmcn1DOgAMqcRuGEwauLgG8lmeiEsC7p3OWVHg==

GET
H3 200 url.min.js Show response
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/bower_components/jsurl/ 3 KB
2 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/bower_components/jsurl/url.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 542c1569e5c5c152b53cefc0602bf485f0403aef913435340898ce6903298dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bDxukrZniZCKSiMnzdYBhqCM8eNRBpeE2Xv8U7sItEnJXd8cAG9UxQ==

GET
H3 200 autocomplete_solr.js Show response
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/js/ 34 KB
8 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/js/autocomplete_solr.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 752256c91aa8672c8cf46c61cc3c1db92018664de4f3a0840a629d68299e6c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 09:36:58 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eQbpKIx9si8s0xXM0x9tVtxlmoC1tHltW45fTW84ApaqUAIFbovPzQ==

GET
H3 200 loadingoverlay.min.js Show response
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/js/loadingoverlay/ 17 KB
12 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/core/js/loadingoverlay/loadingoverlay.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 522630e96f30a74a844ae6b444fb56f3920e6b458c45ae3c8fa090498aaa091d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IUCr4WWXapvg7pq4nL7IugQ6lqmYW25bK2QYdQTBCgfyO2MlzlSslw==

GET
H3 200 gtm4wp-form-move-tracker.js Show response
journalrecord.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
988 B 15ms
15ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:00 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Fri, 13 May 2022 10:33:02 GMT
server: nginx
age: 1203058
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: unCoqQ1Wdy5cGf6yL0F7WlajycUT_UzvasT1rAwaxfcnIr_ODOkmpQ==

GET
H3 200 regenerator-runtime.min.js Show response
journalrecord.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 16:35:13 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DBc-WZlxawGw3EjhQL73VntW1gM1jEH0Xa1FiAEDolMGLXwsdkW75Q==

GET
H3 200 wp-polyfill.min.js Show response
journalrecord.com/wp-includes/js/dist/vendor/ 19 KB
7 KB 15ms
15ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lKPdOaAwEXL9FT1FVqsBhFZy9mG71XeEHX-bXFr-8NNm3EOThK5zKg==

GET
H3 200 hooks.min.js Show response
journalrecord.com/wp-includes/js/dist/ 6 KB
2 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-includes/js/dist/hooks.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Mon, 15 Nov 2021 12:50:17 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UbmtXZ0b39EuY6U4D_jn6fjgB3ZHfrlC_BzdUb8qFki5xwHWYi_VrA==

GET
H3 200 loader.js Show response
journalrecord.com/wp-content/plugins/wp-parsely/build/ 2 KB
2 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wp-parsely/build/loader.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 05:47:28 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Mon, 12 Sep 2022 10:44:55 GMT
server: nginx
age: 1144710
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2SVwbaxg4hUhNF75USslFomm9A67xO0EDKvrNP8JyRCU4gOuJu5STg==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/journalrecord.com/ 56 KB
21 KB 54ms
12ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/journalrecord.com/p.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 84cb4fdf0831f2b123a61b867ebc400e65a157d2e4049ebe8d59dc6a99ef3226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 21:52:02 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 23777
etag: W/"616f3e02-e15a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: SmuhyYKDv3VgOIMo2FSpXcJ66off_kemhwls5VLWhYFgo-ppw_HsBg==
expires: Sat, 12 Nov 2022 05:09:41 GMT

GET
H3 200 wpsolr-facet-range.js Show response
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-range/ 278 B
812 B 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-range/wpsolr-facet-range.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 582a1e1bebec2922ee282614d165942348dc5d39c646aa53dcf13346984ce825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 17 May 2022 09:36:58 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gk5VUWeHjM3QlprlPZdI4uSKe-qzRZ1sZYoWRkLW2KvcsFMI7_W69g==

GET
H3 200 wpsolr-facet-color-picker.js Show response
journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-color-picker/ 0
609 B 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/wpsolr-pro/wpsolr/pro/extensions/theme/template/facet-color-picker/wpsolr-facet-color-picker.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 01:10:29 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1161329
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 20
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: onzPXyiuw3pxHI80YXXIvCDzAwmbDOf2d17u_k8ZT2o3a3ESfZTRkg==

GET
H3 200 mobilemenu.js Show response
journalrecord.com/wp-content/themes/jarida/js/ 483 B
828 B 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/themes/jarida/js/mobilemenu.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: b0fe89d598be359ee97fe733ed22c4c2c7930acca96d55d66123fba4168671de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _OmmPxoEBuW1ZWAZI4JiKjMWy-fda1AqldJ18NG4_GD0hVQsP15dEg==

GET
H3 200 tie-scripts.js Show response
journalrecord.com/wp-content/themes/jarida/js/ 63 KB
18 KB 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/themes/jarida/js/tie-scripts.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: a9d4257343c68dafcf41aa2c76e7b3c916ff2afd57adf6466e8d1969290c0bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VhmfUj7ZW5yry3i5QHjHrGJCu4ht5i-eypEvbSRhT8LeTfAaaEufWQ==

GET
H3 200 helper.js Show response
journalrecord.com/wp-content/plugins/optinmonster/assets/js/ 653 B
947 B 14ms
14ms Script
application/javascript 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/plugins/optinmonster/assets/js/helper.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 0a904bdffeaa6adf503ebd227303a2c0e8e534789a39376f602727bfab444c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 13:35:01 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 14:29:24 GMT
server: nginx
age: 1203057
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KUEaCdvFnvaAuEWi8ogVxLAlLf9OKmUjtVX_3xD_3OTCCYl1vQawBA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 132ms
49ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MP9G4H

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e497791a0a245b8c47e70f12f48285ee51a46e9411ee5fd1609bf4f2ccfd308e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38771
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Nov 2022 11:45:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
46 KB 175ms
92ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TX64QHP

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0389712513fe2aa9f229ad777f458dbae1852c58c9c57d011d7bfbae3469d6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47063
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Nov 2022 11:45:58 GMT

GET
H2 200 sgdj5c6tr.js Show response
cdn.krxd.net/controltag/ 2 B
400 B 124ms
95ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sgdj5c6tr.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 903
x-cache: MISS, HIT, MISS
x-app-cache: MISS
x-age: 0
content-length: 22
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kjyo7100066-IAD, cache-hhn4032-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1668167159.794022,VS0,VE86
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 6, 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 11:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1269
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 11 Nov 2022 13:24:49 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 41ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a89672e008b883292445ec72f7e774bb645feec3c59a3ba2400bec348a6b2ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:45:58 GMT
via: 1.1 a61bf012d6705172c9b3467994159b56.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: BUD50-C1
age: 126
x-cache: HIT
x-77-cache: HIT
x-age: 3561
x-77-nzt: AcO1rgWBL07/6Q0AAA
x-accel-expires: @1668167197
last-modified: Thu, 10 Nov 2022 16:33:22 GMT
server: CDN77-Turbo
etag: W/"987b57b59b835cb5ab5ea9f526b1ed6a"
x-77-nzt-ray: ffffffff8b904499f6356e630a319f2f
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: e1W3BYVnNhjBKrWBv1vTjzq5qt5iwlh-VRJKGaZ0sKysUkIANPCr_Q==

GET
H2 200 cs Show response
bridgetowermedia.blueconic.net/DG/DEFAULT/ 16 B
703 B 356ms
126ms Script
text/javascript 100.25.1.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bridgetowermedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json144

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.1.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-1-9.compute-1.amazonaws.com

Software

- /

Resource Hash

4be9f04088ae4eb23b29ab79e8d1bcc69ec911db34210386376a5c0062ca2e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 clientag.js Show response
warp.media.net/js/tags/ 383 KB
116 KB 58ms
35ms Script
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d21252493c366bb141930f173c9e8e6b6a65b0af883e2a8e6d0bfd90f2fb4083

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Fri, 11 Nov 2022 11:45:58 GMT
server: Apache
etag: 2820662756922169102
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Fri, 11 Nov 2022 12:15:58 GMT

GET
H3 200 tiefontello.woff
journalrecord.com/wp-content/themes/jarida/fonts/ 17 KB
18 KB 15ms
14ms Font
font/woff 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/wp-content/themes/jarida/fonts/tiefontello.woff?48072461
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/wp-content/themes/jarida/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa

Request headers

Referer: https://journalrecord.com/wp-content/themes/jarida/style.css
Origin: https://journalrecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 28 Oct 2022 14:25:52 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1200006
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17876
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 11LZEDF_Ihf10xjKO_K_G2bfSLfWZA1i3xDQ3kUYt9WRd6rJu3fhig==

GET
H3 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 111ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 10:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 10:02:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 81 B
76 B 119ms
45ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=journalrecord.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8dd9b5b9c9b1b224470c9135276cd4fdbb1532e4214e3d4013c7acbd3f623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:45:58 GMT

GET
H3 200 top-shadow.png
journalrecord.com/wp-content/themes/jarida/images/ 6 KB
6 KB 15ms
14ms Image
image/png 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/themes/jarida/images/top-shadow.png
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/wp-content/themes/jarida/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/wp-content/themes/jarida/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 06:34:24 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1141894
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5679
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: lta5KFQwxs9PvQcE36mkLu15TiMz1vn2ETrukbGh76e6hf_j4Nfz2A==

GET
H3

200

PartOf-BTM-1.svg
journalrecord.com/wp-content/blogs.dir/1/files/2020/12/
Redirect Chain

https://journalrecord.com/files/2020/12/PartOf-BTM-1.svg
https://journalrecord.com/wp-content/blogs.dir/1/files/2020/12/PartOf-BTM-1.svg

7 KB
8 KB

15ms
15ms

Image
image/svg+xml

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2020/12/PartOf-BTM-1.svg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 4d00897ca3a4b27f205d78f528e5092360c165aca6cab554f8137f311933ab11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 12:39:12 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
last-modified: Sat, 30 Oct 2021 05:51:36 GMT
server: nginx
age: 1120007
x-amz-cf-pop: HAM50-P1
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: f42x9AtNuK_8Gh6G_14jjtzeKoXKWNL-IpYC1DVrdqQ4_t35qbI75g==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2020/12/PartOf-BTM-1.svg
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Xrr0qwiJL8hKDmWlynKuUFt-PoKon0p3wVriXVXnG7O8HUsCj7eRBQ==
content-length: 1333

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 140ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://journalrecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 19:16:52 GMT
x-content-type-options: nosniff
age: 145746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 19:16:52 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ 399 KB
159 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Origin: https://journalrecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 03:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162590
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 03:21:34 GMT

GET
H2 200 widget_app_base_1668097843152.js Show response
cdn.userway.org/widgetapp/2022-11-10/ 127 KB
35 KB 16ms
16ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fea79d71201fbd2f32c8f165dc7755838e4269f4eb72a29ac229e5b506bad0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:45:58 GMT
via: 1.1 9d20586df7150a47ce50554b50d8f500.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: BUD50-C1
age: 10
x-cache: HIT
x-77-cache: HIT
x-age: 68504
x-77-nzt: AcO1rgVpI+7/mAsBAA
x-accel-expires: @1694018654
last-modified: Thu, 10 Nov 2022 16:33:18 GMT
server: CDN77-Turbo
etag: W/"a28be52ba9e0e265ed68dbaeb606baed"
x-77-nzt-ray: ffffffff8b904499f6356e63aaa2f832
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: uoUCmlKSm_0aRez2S0AG8vOm7IVl8ooDCQ7FgKrFflmy_c6LQPsLWQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993473520/ 2 KB
2 KB 141ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993473520/?random=1668167158856&cv=9&fst=1668167158856&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&tiba=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5328ebfa03ef9fb15df31b4c6a2efde956c132f8a34182624d6da6a62191c787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 986
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

drtcphoto.jpg
journalrecord.com/wp-content/blogs.dir/1/files/2022/11/
Redirect Chain

https://journalrecord.com/files/2022/11/drtcphoto.jpg
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/11/drtcphoto.jpg

37 KB
37 KB

15ms
15ms

Image
image/jpeg

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/11/drtcphoto.jpg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: d5a5b823736fd7ca1bbc5aa581a96c96f1fba64aa31a741e1ce7bf976466750d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Tue, 01 Nov 2022 23:16:29 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 822570
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 37634
last-modified: Tue, 01 Nov 2022 14:22:20 GMT
server: nginx
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: W9TSXpMnhG7i3fSSrrWZcHAIaREPz56puDgF0sVHE8NAEIQ7BQgpag==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/11/drtcphoto.jpg
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ti6wHJm75s9Dsjr-fKsoLTJsLWzrpR8mJc3r4k6FbclYsjZeCSwcVg==
content-length: 1333

GET
H3

200

Commerce-Bank-art-for-September-2022-native-content.jpg
journalrecord.com/wp-content/blogs.dir/1/files/2022/08/
Redirect Chain

https://journalrecord.com/files/2022/08/Commerce-Bank-art-for-September-2022-native-content.jpg
https://journalrecord.com/wp-content/blogs.dir/1/files/2022/08/Commerce-Bank-art-for-September-2022-native-content.jpg

96 KB
96 KB

17ms
16ms

Image
image/jpeg

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/08/Commerce-Bank-art-for-September-2022-native-content.jpg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 70be816b925d31a15bb091ae13f49c9f5c36db863b14152ae7686a9f7aa7362f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Tue, 01 Nov 2022 23:16:28 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 822571
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 98121
last-modified: Wed, 31 Aug 2022 16:51:34 GMT
server: nginx
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Qub3kEjU5gb8oaRfu_JBLqekCG7qqGiCG41qHZvPREhA5FeQPsgTwQ==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2022/08/Commerce-Bank-art-for-September-2022-native-content.jpg
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: m-8yezqlw0tgdo85ckmJFYGkDkLdKgzEVNbSLHLvxU5z5bk-_qb9zg==
content-length: 1333

GET
H3 200 rss.png
journalrecord.com/wp-includes/images/ 608 B
1 KB 17ms
16ms Image
image/png 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-includes/images/rss.png
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 29 Oct 2022 12:39:11 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 1120007
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 608
last-modified: Wed, 07 Nov 2012 18:49:10 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4IFze_km6c8aIQCLJg7mMbnKKzOUMR3khP2_KhPT9All9_B_cH5EWg==

GET
H3

200

Brinkman-Lillie-Beth-70x70.jpg
journalrecord.com/wp-content/blogs.dir/1/files/2017/07/
Redirect Chain

https://journalrecord.com/files/2017/07/Brinkman-Lillie-Beth-70x70.jpg
https://journalrecord.com/wp-content/blogs.dir/1/files/2017/07/Brinkman-Lillie-Beth-70x70.jpg

2 KB
3 KB

15ms
14ms

Image
image/jpeg

18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://journalrecord.com/wp-content/blogs.dir/1/files/2017/07/Brinkman-Lillie-Beth-70x70.jpg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 4f885b50bf51765b54f8cbb76562e404107c35df93dd2c1646cc4121b3fa5778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 06:01:28 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
age: 20671
x-amz-cf-pop: HAM50-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2225
last-modified: Sat, 30 Oct 2021 05:47:48 GMT
server: nginx
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4V9LZMAQz60ep3lajMgIX8a3foyVC8jGXig6G_hzkWPk9MbJCaE2JQ==

Redirect headers

x-zephr-cache: miss
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: text/html
location: https://journalrecord.com/wp-content/blogs.dir/1/files/2017/07/Brinkman-Lillie-Beth-70x70.jpg
cache-control: no-cache, no-store, no-transform
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zulLv1nkH0BP29DM2FqQ-KhdDdNU3R8-krw7WvRzC6iBPlEOtRYL5w==
content-length: 1333

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1830.016-3.025/ 183 KB
56 KB 25ms
24ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96fdf28a15fb14d1f93c533a7d9b34039949daf4da7d89ca1445885d46875a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 12:31:10 GMT
server: cloudflare
age: 12072
etag: W/"2dace-5ecf4b70390b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7686c8e7097b9bfb-FRA
expires: Sun, 11 Dec 2022 08:24:46 GMT

GET
H2 200 rules-p-29W-admf9poxY.js Show response
rules.quantcount.com/ 160 B
642 B 70ms
13ms Script
application/javascript 2600:9000:223c:2600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-29W-admf9poxY.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aff0abfe1eec2bb02ed960e35f89e6dda7e54ddc95c80cad43bfc8a319f64f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:41:59 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1056
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:43:11 GMT
server: AmazonS3
etag: "3bd0473d492bac721768a82a29227ca2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: nceoeGRhH42g-_Wh1TzCIwXOTDx8JQdWMgcaIJMCIdCqwnayeYCIxw==

GET bootstrap.js
c.compete.com/bootstrap/0406a660fcef05313cf19e49a64a9f9b/ 0
0

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 113 KB
37 KB 69ms
9ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: c8904e3972e2d84a7e2f4e93b99b991cddf5039156cacbaa1b900bc35b266d97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:58 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Wed, 02 Nov 2022 17:26:43 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 292
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6362a853-1c308"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: c4d6a89671e6bcd4056228157028c4ad
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 41ms
9ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/wp-content/mu-plugins/mkt/mkt_footer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 01:09:05 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 38214
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: -S4T8GDzz2XtsXCZbi8PmJ_xE9HqxQAGAFPKcl68zwEyk5qvF_8dJw==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 136ms
30ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1668167158918&plid=39776324&idsite=journalrecord.com&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&sref=&sts=1668167158912&slts=0&title=Arvest+Winterfest+to+mark+15th+anniversary+%7C+The+Journal+Record&date=Fri+Nov+11+2022+11%3A45%3A58+GMT%2B0000+(GMT)&action=pageview&pvid=59939844&u=pid%3Dbe19510ea9f6a722435b2b71f1cec4ce
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 11:45:59 GMT
Cache-Control: no-cache
Last-Modified: Friday, 11-Nov-2022 11:45:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 datalayer Show response
journalrecord.com/blaize/ 227 B
827 B 111ms
110ms XHR
application/json 18.155.145.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://journalrecord.com/blaize/datalayer
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.155.145.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-145-111.ham50.r.cloudfront.net
Software: /
Resource Hash: 427621afdf242d5e7afa7223b6c49e1a6e78050b2f875be4cf4885a7a1404cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
via: 1.1 f831aab6d5418e01406fa93bd6a1d650.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-P1
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KOknJSdkFnGZF_nwKz0iGTiKLwqyRIPxLC1S5r6m_vgUQI7DbIyUvw==
content-length: 227
x-blaize-request: ffffffffa2335124

POST
H2 200 OL9je7qAhU Show response
api.userway.org/api/tunings/ 2 KB
2 KB 547ms
178ms XHR
application/json 44.241.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/OL9je7qAhU
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.209.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-209-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4f5c4fe04604ad6f1a3717652d0ecef27caf72262ae8c403b823f18e6b90f50b

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
etag: W/"6df-jBaKuG0xweAPLKMgWgyJmLYfN84"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrc7ee117e46ea497
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 1759
x-service-version: uw-pr

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 5338 22 KB
8 KB 33ms
25ms Document
text/html 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CUJ112MK&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0e9fb7a8706c535cecfeb548672340fddf82d8b180cf00149476d62c75e58210

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 7994
content-type: text/html; charset=UTF-8
date: Fri, 11 Nov 2022 11:45:59 GMT
expires: Sun, 13 Nov 2022 11:45:59 GMT
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 share_button.php Show response
www.facebook.com/plugins/ Frame 9727 40 KB
15 KB 156ms
122ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?href=https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/%20&layout=button_count&size=small&mobile_iframe=true&width=86&height=20&appId

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de70d9a8e68e5d4b3dcfe378e1db643caae5fd218b7d4e994d0c0df7bff676f1

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:45:59 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: cvRSVlBAp1DD56xMraGORoz6b+6JzsudmMtiT/QlGFJ8M+Ci7i1OZpxNWmaHjLhLz0kvZQ3Uslt4Eig2OfuNLA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 43ms
33ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://journalrecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 2209494
cdn-cachedat: 08/15/2022 13:52:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c1940222273a1fb37c69f291d99a05f1
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7686c8e82bea91ff-FRA
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 117ms
43ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=19422021&t=pageview&_s=1&dl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&ul=en-us&de=UTF-8&dt=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=387075500&gjid=1543677588&cid=1763838936.1668167159&tid=UA-141441-12&_gid=1252727562.1668167159&_r=1&_slc=1&z=1212064017

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 119ms
51ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=19422021&t=pageview&_s=1&dl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&ul=en-us&de=UTF-8&dt=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=938062926&gjid=638462640&cid=1763838936.1668167159&tid=UA-141441-76&_gid=1252727562.1668167159&_r=1&_slc=1&z=985863612

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 110ms
44ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=19422021&t=pageview&_s=1&dl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&ul=en-us&de=UTF-8&dt=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=537674902&gjid=1979617510&cid=1763838936.1668167159&tid=UA-51861146-1&_gid=1252727562.1668167159&_r=1&_slc=1&z=1497643850

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame C1C0 0
66 B 137ms
128ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3268076&wsid=0&pdom=journalrecord.com&purl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7686c8e91ef89bfb-FRA
content-length: 0
date: Fri, 11 Nov 2022 11:45:59 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
33 B 162ms
159ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3268076&wsid=0&pdom=journalrecord.com&purl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7686c8e91f009bfb-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 326 B
519 B 186ms
184ms Script
text/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3268076&wsid=0&pdom=journalrecord.com&purl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&jsv=1830.016-3.025&_cb=16681671592080
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cfb1bbe45960d60b89d0a43485163e957e5d8b99014ae6cf9770fc8a99643a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 7686c8e91efd9bfb-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 config Show response
prebid.media.net/rtb/prebid/analytics/ 45 B
271 B 110ms
40ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid/analytics/config?cid=8CUJ112MK&dn=journalrecord.com
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e08cc0db8b2a31529e8fd60ec62e764701c2ff86312fa50d292028a6205c3e71

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: max-age=900, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 11 Nov 2022 12:00:59 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
253 B 110ms
47ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 108ms
48ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 136ms
78ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 128ms
74ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 154ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=journalrecord.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 148ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=journalrecord.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 758 B
445 B 80ms
79ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x60&ifi=1&adks=3866435310&sfv=1-0-39&prev_scp=pos%3Drealestate%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784&cust_params=pos%3Dincontent&sc=1&cookie_enabled=1&abxe=1&dt=1668167159292&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=878&adys=1047&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=160x0&msz=160x0&fws=0&ohw=0&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a91c83ac7a49f003ab0902a19dcc5579ce9f19370550fd66ad4fc96f39ac251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 414
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 555 B
302 B 82ms
82ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=275x72&ifi=2&adks=1459047190&sfv=1-0-39&prev_scp=pos%3Datf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784&cust_params=pos%3Dincontent&sc=1&cookie_enabled=1&abxe=1&dt=1668167159300&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=1080&adys=423&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba2374ab4da2d4aef41002457baee004bbeb475f3b0e12d8dca85b4a04630b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 555 B
301 B 87ms
86ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=275x72&ifi=3&adks=831456903&sfv=1-0-39&prev_scp=pos%3Dbtf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784&cust_params=pos%3Dincontent&sc=1&cookie_enabled=1&abxe=1&dt=1668167159304&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=1080&adys=947&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86f3f0fe1ce28a921ab7b85d5dab32975ce0e7b0391dd9d8f3f7aa5295fe7375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 270
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame E769 6 KB
3 KB 138ms
43ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:45:59 GMT
expires: Sat, 11 Nov 2023 11:45:59 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ffA4vXkBp06iJ5V25k94 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 205ms
163ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/ffA4vXkBp06iJ5V25k94

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c9280a2af7b2aed15efee50c2b5831a65969a2bf7f7ee877173ecfc9523560d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7686c8ea29549b82-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type

GET
H2 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 9727 272 B
678 B 44ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?href=https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/%20&layout=button_count&size=small&mobile_iframe=true&width=86&height=20&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 272
x-fb-rlafr: 0
x-fb-debug: Nkt8lV7J/T3ncXF0odf+W8WfkqNC1nZdnIcz59LgNVtuhIsUvu3PHP9jv0dC5ZUampFTXZhzLGqoaVh3gJIehA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 03 Nov 2023 05:28:22 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 8ms
8ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9289482&cs_it=b3&cv=3.8.0.210223&ns__t=1668167159358&ns_c=UTF-8&c7=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&c8=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&c9=
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 4UIwvMEnc5mIJW3ehanbZXlSFbK-laXXGbbc3BsgXlSY1kABo_ecvQ==
x-cache: Miss from cloudfront

GET
H2 200 pixel;r=2134496711;labels=Business;rf=0;a=p-29W-admf9poxY;url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F;uht=2;fpan=1;fpa=P0-872078422-16681671...
pixel.quantserve.com/ 35 B
371 B 19ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2134496711;labels=Business;rf=0;a=p-29W-admf9poxY;url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F;uht=2;fpan=1;fpa=P0-872078422-1668167158886;pbc=;ns=0;ce=1;qjs=1;qv=4a00825e-20221110201859;cm=;gdpr=0;ref=;d=journalrecord.com;dst=0;et=1668167159363;tzo=0;ogl=locale.en_US%2Csite_name.The%20Journal%20Record%2Ctype.article%2Ctitle.Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record%2Cdescription.Tulsa%E2%80%99s%2015th%20annual%20Arvest%20Winterfest%20presented%20with%20CommunityCare%20will%20feature%20%2Curl.https%3A%2F%2Fjournalrecord%252Ecom%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F;ses=198ab8ca-5118-4886-b890-c57a5fd605fc

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-141441-12&cid=1763838936.1668167159&jid=387075500&gjid=1543677588&_gid=1252727562.1668167159&_u=IEBAAEAAAAAAACAAI~&z=1496349732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 7ms
7ms Stylesheet
text/css 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Wed, 02 Nov 2022 17:26:47 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 302
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6362a857-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a3f3ff6bb944e641be16f217c279d7a0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ctwtuhsczgsxar4oietx Show response
api.omappapi.com/v2/embed/27534/ 4 KB
2 KB 134ms
98ms XHR
application/json 18.66.112.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/27534/ctwtuhsczgsxar4oietx
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-59.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 7f2f45a60435d34aa62ddf61aff36546b193eb55498e7904903ecc83b7b5a3b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:53 GMT
content-encoding: gzip
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: HIT
x-cache: Miss from cloudfront
x-optinmonster-campaign: ctwtuhsczgsxar4oietx
x-user-agent: standard--
last-modified: Tue, 05 Apr 2022 20:16:43 GMT
server: Pagely Gateway/1.5.1
etag: W/"a4d3ae242b5d6e957abdaced40251c70"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Campaign, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: 3tyoM3geiHcVyAFirebRYVJDtZKE3xQ6Zm27kbxvgyxv7qENqC3lmw==
expires: Fri, 11 Nov 2022 11:36:14 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/993473520/ 42 B
64 B 124ms
48ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993473520/?random=1668167158856&cv=9&fst=1668164400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&tiba=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&fmt=3&is_vtc=1&random=1577545096&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/993473520/ 42 B
548 B 128ms
48ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/993473520/?random=1668167158856&cv=9&fst=1668164400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&tiba=Arvest%20Winterfest%20to%20mark%2015th%20anniversary%20%7C%20The%20Journal%20Record&fmt=3&is_vtc=1&random=1577545096&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ 353 KB
116 KB 155ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4331931166610770&plah=journalrecord.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3f7bbbb88908e7fd5a29b3a9f193bd51e0979027bd53cc2107d39065a81673a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119048
x-xss-protection: 0
server: cafe
etag: 15360487115528063199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 953A 10 KB
4 KB 108ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 20:01:29 GMT
etag: 10353107486223812946
expires: Thu, 24 Nov 2022 20:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A4D3 43 KB
23 KB 59ms
59ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki&co=aHR0cHM6Ly9qb3VybmFscmVjb3JkLmNvbTo0NDM.&hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=standard&size=normal&cb=wmpzcoog0myl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7540f071e0413fc323a966c1020888298072205fb4419b53d4e0f61cbac2350

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WW7GKUe1frTgXgLGjebpVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23212
content-security-policy: script-src 'report-sample' 'nonce-WW7GKUe1frTgXgLGjebpVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:45:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YZuq799CPDQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y8/l/de_DE/ Frame 9727 541 KB
141 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y8/l/de_DE/YZuq799CPDQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ccf96a52f5ed61b87840df5971494343d64b416b45cb1379a4aa6649939665b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +R6ndCnzWmDrx4SJNCqLPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144061
x-fb-rlafr: 0
x-fb-debug: wUBCY5a9eJTRn5ixgLshBYEYModv7ssUWi9XYseyvmw/km7Kf8AhmihSmkwbuONoLWK/lu9Gr/gSOyU4zFH8Jg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Nov 2023 00:05:31 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 51ms
51ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 41ms
8ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=top_leaderboard&og_supcrid=div-gpt-ad-top_leaderboard&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522540065233%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-top_leaderboard%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=354f4db5-7eca-440e-bb82-11f7dcb03ea3&pbsLogs=%7B%7D&sts=0&ets=280&tts=283&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=283&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=278&cs=&params=&advurl=&bidId=2a68e6924b4fc2&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=570637724&pubcrid=570637724&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 83ms
83ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=2048605767&sfv=1-0-39&prev_scp=pos%3Datf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie_enabled=1&abxe=1&dt=1668167159537&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=652&adys=67&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e525fb1ab3af924d18be95f9d2da5baca2a8761b66aa8e8ecebf65e0d24a77a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
google-lineitem-id: 6115657177
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138405122069
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 50ms
49ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 26ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=top_leaderboard&og_supcrid=div-gpt-ad-top_leaderboard_mobile&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522540065233%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-top_leaderboard_mobile%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=d348c6e7-0451-4217-a143-4b4209173a92&pbsLogs=%7B%7D&sts=0&ets=292&tts=293&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=293&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=320x100&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=292&cs=&params=&advurl=&bidId=4d172e109d9368&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=320x100&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=570637724&pubcrid=570637724&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 85ms
84ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&ifi=6&adks=4114325531&sfv=1-0-39&prev_scp=pos%3Datf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie_enabled=1&abxe=1&dt=1668167159551&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=320x0&msz=0x0&fws=128&ohw=0&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d98d42a273525ca73398f50f281da9c331c184ae1f3803156a7e1bff7fbdb8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12774
x-xss-protection: 0
google-lineitem-id: 6138938558
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408952038
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 106ms
34ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?11102022
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:13:31 GMT
content-encoding: br
age: 1948
x-guploader-uploadid: ADPycduy2JCq-urjlYXZ-fQxExib_9sC6g59Jh4IMCL1Vv4cPzYie0FZ0dM5T48-FC4IFIwr85_Q7XfNAfjy_JCSuPEzEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10479
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 55ms
54ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 7ms
6ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=rightrail_atf&og_supcrid=div-gpt-ad-rightrail_atf&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522591994627%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-rightrail_atf%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=499b265a-455b-46a1-bc7a-5158377dda37&pbsLogs=%7B%7D&sts=0&ets=314&tts=315&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=315&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=314&cs=&params=&advurl=&bidId=859b0606011f91&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=127155105&pubcrid=127155105&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 83ms
83ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&eid=676982961&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&adks=170092012&sfv=1-0-39&prev_scp=pos%3Datf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie=ID%3Dd2c39013683c624a%3AT%3D1668167159%3AS%3DALNI_MYKTxK13x6jUK2UeNz-m7CoBDDESw&gpic=UID%3D00000b7fb4c58f45%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_Mb_gm11fsBMNheNAMeAvxbqSWi4Vg&abxe=1&dt=1668167159578&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=1080&adys=258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b6a4f8a6e6a7258374c1b611b5127b5971acc7678d261b4906ba53ae2c5d18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12659
x-xss-protection: 0
google-lineitem-id: 6147411326
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138410654745
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
114 B 48ms
48ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJ112MK
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CUJ112MK&dn=journalrecord.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 7ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=Multisized_Catchall&og_supcrid=div-gpt-ad-incontent&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522832720432%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-incontent%2522%252C%2522dfpAdPath%2522%253A%252213051489%252Fokcjournalrecord%252Fincontent%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=ddec39cb-af92-43c3-9457-cffd105f8af6&pbsLogs=%7B%7D&sts=0&ets=333&tts=334&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=334&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=333&cs=&params=&advurl=&bidId=6257686cf5dc26&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=758855236&pubcrid=758855236&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 87ms
86ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&eid=676982961&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord%2Cincontent&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x250&ifi=8&adks=4046569736&sfv=1-0-39&prev_scp=hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie=ID%3Da18f92052b5d3a39%3AT%3D1668167159%3AS%3DALNI_MbEva6zcQEOd-6crgoikEIcs4h1fw&gpic=UID%3D00000b7fb5658eae%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MZ9JJrTCqL8Pmsm4bdGn2JvWdt2Lg&abxe=1&dt=1668167159592&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=380&adys=874&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=620x0&msz=620x0&fws=0&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df257eaec0f23bcfc1dc8e1685e425710c0bbe302ddbd6669318699faf045fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12653
x-xss-protection: 0
google-lineitem-id: 5999894070
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390178935
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2022-11-10/locales/ 433 B
825 B 22ms
7ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-11-10/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:45:59 GMT
via: 1.1 31035bb61f7468c9d95f8f0f36403248.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: BUD50-C1
age: 96
x-cache: HIT
x-77-cache: HIT
x-age: 68555
x-77-nzt: AcO1rgUlM5r/ywsBAA
x-accel-expires: @1694018604
last-modified: Thu, 10 Nov 2022 16:33:18 GMT
server: CDN77-Turbo
etag: W/"0c4b53012957584c54e80867ff489590"
x-77-nzt-ray: ffffffffd88ce5a6f7356e63fc800726
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://journalrecord.com
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Origin
x-amz-cf-id: xJK456RCDlxNHpM1pN2lx5-zcDWAhWdbZQGZxkBZ3j_qF8XIGwNszg==

POST
H2 200 143 Show response
p814.journalrecord.com/DG/DEFAULT/rest/rpc/ 26 KB
6 KB 380ms
379ms XHR
application/json 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/DG/DEFAULT/rest/rpc/143?referer=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-11-11T11%3A45%3A59%2B00%3A00&ts=1668167159627

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

38280b105aaf9579313af804e9ff67b2cbc0387f35b62c144603c9c0ece8416b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 4949
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: jlu_55h9EEGv4kFRcJ7Aq0cZzFRYGN40dvAN83DYf2g3EeUOe3Tvaw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 8ms
8ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-197
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 419
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"62ed37ae-40cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f1039a222c8ff9bcd0afaa7d6ab07353
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 17.abee1f1f.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 8ms
7ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/17.abee1f1f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: dd9ede29e56d0b6ddced628c7764d79c5b32feac05630b54f2a66479191ae6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 18:56:54 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 177
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63616bf6-c8f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 13a2555881f6032c5d0e2eec97d83dfa
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 24.7ecb487a.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 9ms
9ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/24.7ecb487a.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: b1b4082e09dc24c18e2ab0a2c20cae130c79ff2d158d5445e35aef56d79dd4c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:33 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 89
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63613671-1758"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7830b02dbfabd2c3e63795fa97b79553
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 8.0f86fdd1.min.js Show response
a.omappapi.com/app/js/ 25 KB
8 KB 17ms
13ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/8.0f86fdd1.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 83d3feac92105cd902baf956709cb1a3460a61cacf14b6bf0eebda6fd3491a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:25 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 479
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63613669-6255"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 67f505bc6388e3e99b232edf523efc16
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.8cf1a289.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 16ms
14ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.8cf1a289.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 9f46232cd65b333e4786cf9486789d8c471abaf483fd99b717c44bdb17cb6302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:28 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 481
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6361366c-1aa8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bf1e947e11d193cdef5d494027206c37
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7.b21e555c.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 11ms
9ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/7.b21e555c.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 90170c06cfc78164ffb53c71f2ad709278e24ed7235dc52e5aa173effde6bb20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Wed, 28 Sep 2022 16:11:06 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 423
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6334721a-688"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 688b63416f6475b493c5b46ff2c15fb0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.c0e3afe8.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 12ms
11ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.c0e3afe8.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: cacf341856a2e2a2168fdb8229f7d686452cb8b69f7deccb6fa123347a6efad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:24 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 478
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63613668-7ca"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4605027dc0512065f9059301ea204c68
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 25.5386b39b.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 11ms
10ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/25.5386b39b.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 102b2cfbc6ef9c62904cb93b7ac2037584acbc570460f52ad05bf0f88f4cbc48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:30 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 469
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6361366e-adf"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: cbfcdab017eac986a61d925eeff0ae59
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 23.ec1a3de3.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 12ms
11ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/23.ec1a3de3.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 94cc6fc0df47398e88be23aaab41c2bd970aa8d3f3a7677d1552874b4d2f8d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:30 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 91
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6361366e-4f6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 48870db8c13a937473731d72c98adba9
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 14.87e5505f.min.js Show response
a.omappapi.com/app/js/ 852 B
1 KB 13ms
12ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/14.87e5505f.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 1674937eea357b366cf071c614040b5248d6c82c0316bf0a4f8405748ea68c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 14:36:46 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63612efe-354"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6534640bfcd7ff9ced2a7bf0ab1152c8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.79d1c2da.min.js Show response
a.omappapi.com/app/js/ 11 KB
4 KB 12ms
11ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.79d1c2da.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 512bc7d30635b1a46ab830f9b7e0ab12b35b4d799a23a91b067452567b150c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 15:08:29 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 477
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6361366d-2b60"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f4e4820578ffaf29109f0c0fab2c7a82
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 18.3876cd15.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 13ms
11ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/18.3876cd15.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 1c9b4e5a2c510f699fcf2f911d4c20750e50292f09fce09665a1ca85fd808d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 11/09/2022 19:01:14
cdn-pullzone: 293267
last-modified: Tue, 01 Nov 2022 14:36:45 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 472
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63612efd-613"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9998987d809dc919a410d9f9b5b440c5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame A4D3 52 KB
24 KB 119ms
39ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki&co=aHR0cHM6Ly9qb3VybmFscmVjb3JkLmNvbTo0NDM.&hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=standard&size=normal&cb=wmpzcoog0myl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 11:19:42 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame A4D3 399 KB
159 KB 140ms
59ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 03:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162590
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 03:21:34 GMT

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 7ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=bottom_leaderboard&og_supcrid=div-gpt-ad-bottom_leaderboard_mobile&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522681018213%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-bottom_leaderboard_mobile%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=adfb386f-43da-439f-aca7-f7f1f4276bb5&pbsLogs=%7B%7D&sts=0&ets=423&tts=424&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=105&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=320x100&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=103&cs=&params=&advurl=&bidId=16da8736af7455e&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=320x100&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=316740410&pubcrid=316740410&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 322 B
158 B 215ms
214ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&eid=676982961&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&ifi=9&adks=2218476357&sfv=1-0-39&prev_scp=pos%3Dbtf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie=ID%3D7c16f1e0b02fe22a%3AT%3D1668167159%3AS%3DALNI_MYO5kt-VwFfVEZ7fmDSWL0svJtDaQ&gpic=UID%3D00000b7fb568c698%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MYzB7TfEPLt_eT-5L4YLSlpypdkEQ&abxe=1&dt=1668167159700&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=320x0&msz=0x0&fws=128&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffc44bd6bf62008f7c6980b013a7667d22f4135c8ffe28236817a327d89e57a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B65 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlXsoWEuwK_TIgaHbIJaq7AUO6iS8LH7E_qN4Vra8SLtu2sBnKBHNIqbRNYyUE48XJGolp87dVsZvZ0TAC4qwHiveqljMngAlQW6tVwiAh7eeAyOk1AUOzg7rl8BqPqtsAm_o3q3IWOgaojraZGhNRasJq1IwRITkNP4uRA36W4mXAE0say1hYZ2NL4wazX_ngwhsVZiX-qDTQqihe5H3ElxGxM4xpeSZ7m2XZgSvxinFX-ThmcILRHq3YZvAVYfpfXoiIOZ_5Vj_am3XwtH3dXW0fC88BA3vdd0MjQJ0DvdLf0GhR57ggwRvhtof2U-ag_IOymKI&sai=AMfl-YQzz7OyqDUf1CRXvN2VRMbjdwh8crqrVuZCGOIPfVmnQSj5XWJMKftFvH_wlm1OEpGqbM7feT-z4noj359i-i7_GgAwMY_b_AJiY5ZDkFMP32ZtC30URTnKSGQXwvnj&sig=Cg0ArKJSzKZV4qMiuTZIEAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 4B65 3 KB
2 KB 143ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B65 154 KB
47 KB 555ms
477ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 2142530238143626628
tpc.googlesyndication.com/simgad/ Frame 4B65 14 KB
14 KB 181ms
79ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2142530238143626628

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75484114130fd537cebce232f092276161a2abf3c34f9dcd40436d30a95d49ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 15:25:26 GMT
x-content-type-options: nosniff
age: 73233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14403
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 20:18:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Nov 2023 15:25:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B65 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFQFVK1Y-_WnMy1SdpM04IjE9AGUbWfsaGB0g_l2Ze5mWowlj6ueaL6l-tDJq1YGkrUY4E
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA94 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8u6Q3SgMzUXn0Nck3M5RPVWLJ-F06syUnuuAh6opEoneKxhqFFfhAKf7hinwFpFLUyhyFkuUGfVSwrFitHdNuxfqJhRuqzDT2nLdINXDJOVknoX-q2L_HnbfRgN2LjgLNNyB4GKIJMbBvWdMCcWAPaUBAJHaJ3a-fFEXKfr85NoSafB5-dk17ssDd04lxuwarRqxTbi88L1widwr3JCQ1VJUfqKDBdld4wPuaC6swfYkA2nY30ZmLg3q8DOcpvsNxO0Qfs9lp0PVYrRoEFdNpYgCKGhDn4q8lTta4c141eo2q-o1we2dXF1gdB1AKKqps06zpZB4xNyau4GmQ8bIg-dxZBA&sai=AMfl-YQk4pA21cwZQeaYi9PbSvkvRSY78gw_zxVM9EckalkexrL0VcR9biucsJ7Pc2c9HIwbps8AfyZiMRqKyeCPO9odqtGnZdt4pRW3V8HTAM2edBFmEW187huPqx6ZMNwzgA&sig=Cg0ArKJSzKq2E1Rauqu1EAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame CA94 3 KB
1 KB 117ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA94 154 KB
47 KB 581ms
529ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 9461582797482998364
tpc.googlesyndication.com/simgad/ Frame CA94 16 KB
16 KB 119ms
43ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9461582797482998364

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d5cea83f226a1fb76d1c207d839507a6ed44c9bde9fd1cd43663de984a1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:43:01 GMT
x-content-type-options: nosniff
age: 54178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16465
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 14:37:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Nov 2023 20:43:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CA94 0
0 44ms
44ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZQpVIl0C6bEIhdxbJNuIKuAB5de1kF-hIV97C3xI1KLGx0JoiAHS6_vraHvp-Hj6x-waj
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H2 200 doq.htm Show response
rt3022.infolinks.com/action/ 1 KB
1 KB 441ms
395ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3022.infolinks.com/action/doq.htm?pcode=utf-8&r=16681671597901
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afcd26c36c7fce81fb68fe0ded7442480f5dd3ff8c6cc1fabdf7df8467a5e4b3

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://journalrecord.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: de-DE
cf-ray: 7686c8ecfb286983-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CA94 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 000fde3b908b576fa4cb9cc581630ad9b29e51b694884206b18bc73ce82dd99d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 7ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=rightrail_stf&og_supcrid=div-gpt-ad-rightrail_stf&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522268822556%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-rightrail_stf%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=f67c8bd6-13fe-4e7f-8483-8e2ad5867eef&pbsLogs=%7B%7D&sts=0&ets=536&tts=536&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=272&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=270&cs=&params=&advurl=&bidId=103f8293e569acc&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=224654479&pubcrid=224654479&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 130ms
49ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=journalrecord.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 122ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=journalrecord.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 122ms
122ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&eid=676982961&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=3477868089&sfv=1-0-39&prev_scp=pos%3Dstf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie=ID%3D06dc564937f1303f%3AT%3D1668167159%3AS%3DALNI_MbAIVd86uQ3lrmd-2JTu4DVruGX0A&gpic=UID%3D00000b7fb5936715%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MbLdq7uMckJCKLVm2D9pe5Fsc5n4Q&abxe=1&dt=1668167159803&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=1080&adys=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc3-wRx0p5Sd9Yf5x0K-voC86nqqFSwyc3eEwDp4rqfLgv8MQ6YXGLgS8DdbeHcmK9Dthhk6OMCKOVoma58%2CAMjMPc3cgPjjRJsGCFDuLXGTVLP1aXhU4s0TwlB-4CxpBjMk5g0n2y71SMN8bnbQBCEUeaYC670ecpeJoWIu8TI&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a06f19c748e7e08b4db00b3b8a47284330860c06e973a735a0782a2222ce0ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12895
x-xss-protection: 0
google-lineitem-id: 6131945949
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407814131
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B07 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzGnOUPXzL4pqMSW58c9FWTs-cVoGf3CtFBXeUIVJwmjQOCOWCdSS3nbJ_kQ7hHTyAcYsr8ewyHE6VrZ3CmvxP0HdCFSVv-rTdzBd6EVYcaDf92cnRqNStCd7Df9lampdmk8On9Jo2JPtWDioAOUUW-0ClzA0f1GGadv1scG4IZV58AZDHy6QgKNp4MylIkH3UCIYn-qf7cDL5Er_2Eycgt3F13vZ4O3nijEzJ1n-9l7sgolnsJrGOKPdRgRdYS1j-whtqYmYm3qVrOg-t5zWCysBWHVdCWICSS9c_x28Qe4KlRlhMLKufDWIDclnEjaQTPmNpgpU&sai=AMfl-YT2GiVh1o-dlzmH4TEsA1tUtwOQLetjM1a8mFFzCaI5xvnW_sr2s6i428gXpOIVdXlnDATLsNx8oPV_FY1maXo8E1UkqW1HFpvtPZE42n9RT21XPOab3xN_jbX8rdTZ&sig=Cg0ArKJSzC1_ztps4PZFEAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 4B07 3 KB
1 KB 51ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B07 154 KB
47 KB 466ms
466ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 4005551658283936718
tpc.googlesyndication.com/simgad/ Frame 4B07 93 KB
93 KB 99ms
91ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4005551658283936718

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a0c14d9b734ab565bab7148eeeb802babe7bbe6e03f4068fb528522297b7a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:43:22 GMT
x-content-type-options: nosniff
age: 165757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94875
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 14:34:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 13:43:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B07 0
0 46ms
46ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMguqERzLrvqA5evAdzUvuGJ2Gy-DwigERtCTyj_fNIsRWZvNDT-5oJcDR5lnEXw2brQIC
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 14ms
13ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=rightrail_btf&og_supcrid=div-gpt-ad-rightrail_btf&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522546603286%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-rightrail_btf%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=da3cb0fd-15e5-484a-afc9-9726a86f4a28&pbsLogs=%7B%7D&sts=0&ets=565&tts=566&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=287&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=286&cs=&params=&advurl=&bidId=1255e6d820c3fdb&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=300x250&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=546363657&pubcrid=546363657&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 100ms
99ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&eid=676982961&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=11&adks=1612836172&sfv=1-0-39&prev_scp=pos%3Dbtf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie=ID%3D50eeff8a79e9481e%3AT%3D1668167159%3AS%3DALNI_MYDLiOSuLhavB7FUyAlb3zgmmIUZA&gpic=UID%3D00000b7fb4ee9372%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MYnfuISv6RpbfKoz7fOhKiD7Gb49Q&abxe=1&dt=1668167159835&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=1080&adys=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc3uopzggBWXHFEOdiuEWtYVWz_SNJEShwSSV5F_JKSB3-L0OxTHXl4USZAYEyXjSOmKhQusQ2CkupaDdBg%2CAMjMPc3-wRx0p5Sd9Yf5x0K-voC86nqqFSwyc3eEwDp4rqfLgv8MQ6YXGLgS8DdbeHcmK9Dthhk6OMCKOVoma58%2CAMjMPc3cgPjjRJsGCFDuLXGTVLP1aXhU4s0TwlB-4CxpBjMk5g0n2y71SMN8bnbQBCEUeaYC670ecpeJoWIu8TI&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

725eccfe3178cdf633236b4c9d324c55b3610f73713f7e53b239f964b5a086b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12859
x-xss-protection: 0
google-lineitem-id: 6115401083
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138405124908
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
pb-logs.media.net/ 35 B
200 B 7ms
7ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb-logs.media.net/log?logid=kfk&evtid=prebid_analytics_events_client&requrl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&dn=journalrecord.com&ref=&screen=1600x1200&cid=8CUJ112MK&lper=4&plper=&gdpr=0&ajx=1&pbv=v7.3.0&pbav=1.0.0&flt=1&supcrid=bottom_leaderboard&og_supcrid=div-gpt-ad-bottom_leaderboard&tmax=1500&ismn=1&vplcmtt=&adext=%257B%2522sspcrid%2522%253A%2522681018213%2522%252C%2522dfpDiv%2522%253A%2522div-gpt-ad-bottom_leaderboard%2522%252C%2522dfpAdPath%2522%253A%2522%252F13051489%252Fokcjournalrecord%2522%252C%2522svr%2522%253A%2522111010_477_1009_236_mp%2522%252C%2522tref%2522%253A0%252C%2522prspt%2522%253A%2522headerBid%2522%252C%2522g%2522%253A0%252C%2522usp_ldf%2522%253A%2522false%2522%252C%2522mnrf%2522%253A0%252C%2522mnrfc%2522%253A0%257D&acid=68479272-656d-4165-bb2d-7de227d3cc5d&pbsLogs=%7B%7D&sts=0&ets=574&tts=575&aucstatus=completed&flrdata=ln%3D%7C%7Cskp%3D%7C%7Cenfj%3D%7C%7Cenfd%3D%7C%7Csr%3D%7C%7Cfs%3D&lgtp=APPR&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=271&cs=&params=&advurl=&bidId=-1&adid=&pvnm=-2&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90&size=&mtype=banner&dId=&curr=&rests=&status=1&iwb=0&crid=&pubcrid=&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&icurr=&imul=&omul=&req_mtype=banner&res_mtype=&ltime=269&cs=&params=&advurl=&bidId=1416dcd83a4cc05&adid=&pvnm=medianet&src=client&ogbdp=&bdp=&cbdp=&dfpbd=&szs=728x90&size=&mtype=banner&dId=&curr=&rests=&status=2&iwb=0&crid=316740410&pubcrid=316740410&mpvid=&bidflr=&flrrule=&ext=%7B%7D&rtime=&targ=%7B%7D

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains
date: Fri, 11 Nov 2022 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 11 Nov 2022 11:45:59 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 113ms
113ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3174055483526761&correlator=888120096758518&eid=676982961&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fif&iu_parts=13051489%2Cokcjournalrecord&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&adks=97642183&sfv=1-0-39&prev_scp=pos%3Dbtf%26pgtype%3Darticle%26categoryid%3Dbriefs%2CTulsa%26articleid%3D691784%26hb_prebidmanage%3D1%26hb_abt%3Dmp&cust_params=pos%3Dincontent&sc=1&cookie=ID%3D50eeff8a79e9481e%3AT%3D1668167159%3AS%3DALNI_MYDLiOSuLhavB7FUyAlb3zgmmIUZA&gpic=UID%3D00000b7fb4ee9372%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MYnfuISv6RpbfKoz7fOhKiD7Gb49Q&abxe=1&dt=1668167159844&lmt=1668167159&dlt=1668167157056&idt=2165&adxs=220&adys=2730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&frm=20&vis=1&psz=1160x0&msz=1160x0&fws=0&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc3uopzggBWXHFEOdiuEWtYVWz_SNJEShwSSV5F_JKSB3-L0OxTHXl4USZAYEyXjSOmKhQusQ2CkupaDdBg%2CAMjMPc3-wRx0p5Sd9Yf5x0K-voC86nqqFSwyc3eEwDp4rqfLgv8MQ6YXGLgS8DdbeHcmK9Dthhk6OMCKOVoma58%2CAMjMPc3cgPjjRJsGCFDuLXGTVLP1aXhU4s0TwlB-4CxpBjMk5g0n2y71SMN8bnbQBCEUeaYC670ecpeJoWIu8TI&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9907d4db6059976f4bcb9682fb430be16077c408b5df0effe5f68baeebe1147a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12516
x-xss-protection: 0
google-lineitem-id: 6114583084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404980511
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1972 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxccWUkJ2cUzU7ZU9DPOerQw13Uehx5P3SyBvqBsYrFH1A7FONifnDzbR6E-BjHlm2Fqma0EnGftNW7QbzY-gA4WnSK7um3WqKAVr9IbGjELXARJr-6rzFDENN0ohuJlElcKk0c5T91zAcRNKjDO3rmrpsiTxNHA0vlHLUf2GUvDl82VnEKayNHv7LXYOpiEBLOF0Jv6DETlepuOZ0z9wDVYLS6ds6-WtOoSU-SuiMubdsbCLCtR1JJvj1z91-LHiYIlbF5CxUHv5VZ0i6Z7aTB0-0_1iUqM0QvotkrkmYB2avTHNiHLJVqbHNG0AVcUiglunjf4c-DiTpMSKVdrs&sai=AMfl-YTvBr76oNMSiW3jDOiFK06TdZunPMWyDeYu4kQYyAfzzxlOGJw6I2nhhbQF7Dp1a3hoWIgLhXHeYj6q9eVTxhKOQC8W9NYJZM3xkRjkJnWU3OQcub544L-QWUR6N1YHSA&sig=Cg0ArKJSzPsoCYikOPKmEAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 1972 3 KB
1 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16710
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1972 154 KB
47 KB 445ms
445ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 10098812862512945216
tpc.googlesyndication.com/simgad/ Frame 1972 41 KB
41 KB 119ms
118ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10098812862512945216

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58f74e686a36c39e942908a2ca1221eae23600cfca5ae26ee162e6b83d5f88cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 14:58:14 GMT
x-content-type-options: nosniff
age: 161265
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41675
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 12:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 14:58:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1972 0
0 46ms
46ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqgaGs-OLqYlGCEl7mfqGfeJozKpi3Gzj-M27TK4aJ5GKmItdlK0uEX4oUcKeYyue-M0dI
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 111ms
63ms Script
application/javascript 2606:4700:4400::ac40:9973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/ffA4vXkBp06iJ5V25k94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b600f1dc62b172effa1611f27da2410354b23d9bc79f34a525821752fafcde83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
x-amz-version-id: eiH8z613.BRzukjofzW7pfMQ5QqyyUJw
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 22696b6e831fc717b53b9273ad3341c2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
age: 67522
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 07 Oct 2022 12:51:20 GMT
server: cloudflare
etag: W/"39cbfce65efed785f567d3a64646eed5"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7686c8ed8cee9bd0-FRA
x-amz-cf-id: wjeuMhbhWFVFiSgMHuP64r5vHU7zJADU8Mgk1qOktSYxFSxdgG9p0Q==

GET
DATA 200
OK truncated
/ Frame 4B07 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04172e8299d44bf2ee976d5990a03db517539ae40ce8a9b9100e079a39433515

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1972 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c786f57d0e387b648e714e6c3d86c536b2bf0324dabee636670a15269d71459e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
419 B 96ms
65ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=journalrecord.com&callback=_gfp_s_&client=ca-pub-4331931166610770&cookie=ID%3D50eeff8a79e9481e%3AT%3D1668167159%3AS%3DALNI_MYDLiOSuLhavB7FUyAlb3zgmmIUZA&gpic=UID%3D00000b7fb4ee9372%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MYnfuISv6RpbfKoz7fOhKiD7Gb49Q&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4331931166610770&plah=journalrecord.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beff6bf6593a535b744ce0535c2960efaa233fa4eb4ec710bfb15e3964308d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&tn=DIV&cls=mainBoxModal-modal-u-f-t-four&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D67A 603 B
65 B 57ms
57ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4331931166610770&output=html&adk=3046330955&adf=2044148826&lmt=1668167159&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668167159427&bpp=5&bdt=2371&idt=496&shv=r20221109&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D50eeff8a79e9481e%3AT%3D1668167159%3AS%3DALNI_MYDLiOSuLhavB7FUyAlb3zgmmIUZA&gpic=UID%3D00000b7fb4ee9372%3AT%3D1668167159%3ART%3D1668167159%3AS%3DALNI_MYnfuISv6RpbfKoz7fOhKiD7Gb49Q&nras=1&correlator=4424441814628&frm=20&pv=2&ga_vid=1763838936.1668167159&ga_sid=1668167159&ga_hid=19422021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C44774648%2C42531706%2C44775016&oid=2&pvsid=3174055483526761&tmod=205606318&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=516

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 utsync.ashx Show response
ml314.com/ 62 B
81 B 177ms
100ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=87440&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&pv=1668167159954_01cql8v8b&bl=en-us&cb=5563306&return=&ht=&d=&dc=&si=1668167159954_01cql8v8b&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?11102022
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:45:59 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 519ms
173ms Script
application/javascript 54.174.82.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=11102022&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?11102022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.82.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-82-79.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 11:46:00 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sat, 12 Nov 2022 11:46:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3986 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbuLM9--4xN9WR_P2-YYyOHbiimvuvaQbbQHmvq6vLT1djeswhU1IYA-VGH4KiUTkgkEJ65MRddK_tTlKDDcSvnaZ7zD-rchyywCvadiHrE-J9SoX34FnWGju2zjpM_zYvkh1STUD4LvFb6d1-cK-Da7-4Qc8X-tL7NQxk_KmaptANszF7oFQddzGn9M2pknzb8hiK8zCSz2dXcrpzVJMvoX5cFQR27vqNxN07JMuHD1bSL8qSoAD3GwuQAPFnIZI913cugPHSbr-1xFaILrt7lPMMiBbdbdLXTKlXDCdBbyXeRgaDhZN7AqjuPXT2yPKtZ5FAFTQ&sai=AMfl-YSIHeoLSo4039zzShDrCz6jp1bekkHybC8XYYw-EMU7_tLAFBvnZUOamE9P7opJUDTxgGO6_6z7hWzdj-xbdObB5p1jZwIXzjgyE1Ncbd67LBGXP078IU_z6eSkvJc7&sig=Cg0ArKJSzD4hFhRYw-r9EAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 3986 3 KB
1 KB 130ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3986 154 KB
47 KB 346ms
345ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 14343790169506484512
tpc.googlesyndication.com/simgad/ Frame 3986 123 KB
123 KB 151ms
59ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14343790169506484512

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5420ef80b0993ad9cb1b745682ef732d48ad25cf05d52b72c9f0a381a727069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 13:34:16 GMT
x-content-type-options: nosniff
age: 166304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125920
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 17:22:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 13:34:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3986 0
0 54ms
53ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqY1U56nhELLz1g8hw41jSw5XzyhYtqrmLlXabWAEpiTID9vZEAxgEtRaLbgZgMZYY5maY
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FB5 0
0 73ms
72ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt4ffVqtu0gkydp3IH1r8tITZpE5OqBp4AjeGiNGDzjcG_bGhVS6qRv7BqoG5jVBBU2gyZpQ3HqN03uYB-bupLyRjxm0-jTDV2VAxOaxiJjcVhjGsQIb8AprH_VpjDHJQos2tsny6ZpZzZ3W8-uFSvP-9PC82dgC0w4MghIc_yhuf0op5deduwtuqjmnDFGoNx_dE1AmF56nSZkxBVxCoTvaTKG_6DxWgE7QPGVTgHdK96OpbdaF_N1Um1TJEs2TwPj0vjVBatcfFL13pC3Ize4M3p6jvY2ZrV3fZoh8TXHRiJUv_0KcGVE5jkDBNOfI0evAvP3x5Ni-y8weOj-3QUoGJKnw&sai=AMfl-YRTXSaO9SgnFN7nA3f9Nu5R6PR62a8EtWqTut2H4mQcNq1LlUj1a1jyjTnjdhSoem_JvZDRObZ5-7ngcnLelJf4t7sdpWR0FP1MigOb56cgvjWgnm1tpBsCAFq5h0vz&sig=Cg0ArKJSzMP8zhxha-SyEAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 3FB5 3 KB
1 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FB5 154 KB
47 KB 370ms
369ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 14162833408794640831
tpc.googlesyndication.com/simgad/ Frame 3FB5 98 KB
98 KB 116ms
40ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14162833408794640831

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9edf30657ad8be0acaf0cef0aa4be64d47c3290a2f3d70077ba738b784f5305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 06:44:49 GMT
x-content-type-options: nosniff
age: 363671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99868
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 15:46:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 07 Nov 2023 06:44:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3FB5 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKtlTn5lQzwbuB_tzTZyoUQu0Vi3idRQ4VSIfvCtMqIAkHXscaR6jzmbU5xZ5RXWT44J5n
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A4D3 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A4D3 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A4D3 2 KB
2 KB 42ms
42ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 233172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 15 Nov 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A4D3 15 KB
15 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:32:01 GMT
x-content-type-options: nosniff
age: 98039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 08:32:01 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
667 B 119ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 11:09:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 bdeca9fe2ad61647538105-OKC.svg
a.omappapi.com/users/b563054e5e5f/images/ 9 KB
4 KB 13ms
11ms Image
image/svg+xml 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/b563054e5e5f/images/bdeca9fe2ad61647538105-OKC.svg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 4e7060149a05c42f5abb8b1929c8f787399d31746a1f50f72055597a582bcc94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: br
cdn-edgestorageid: 713
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 11/09/2022 22:00:57
cdn-pullzone: 293267
last-modified: Thu, 17 Mar 2022 17:30:19 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 315
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6233702b-259a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d34792df61bb0c983a64e9779bf889c1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F80 0
0 77ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxpRjro-Tk99YWxjoh_QZXM7irf42V7vem1Eqh6jjBdzT6fws2jla0Ie2gBuULuQoiC_eOJzKV2XLv-ln4Tio_DWhteVpjP2pOhdEWRtseEStjyR9kWF0jYYiZGYOSRw88r0SV-rLKLuWt6M_Y46L6F6Xvd_liTas1PMxieJOXQVstsCDAUd4llasuhe5o7P_gHwefyP63CZzEQ1KMC3OOJ5CIQQYR7apC_jOvmvJaLSXZsEozv10tePDL3cZfqHqmpkqOlU2LUydvvGt7iQMxEMc7FWFRSccOAU95zYd29I7dPwxWBQ6RW8P1FkzaPm_Sw4MQwj6OTcBfiwX2WjAjuZZhNQ&sai=AMfl-YRYAvrZrEY-TbQVnY7MrBl2RQnvMHmnispO2jgrd68X3B4n5IjFromht0Te3kC0Qu2j1VzYzkXUVA3GLOnSWTadz9glkgtGMElxF_Zj9XH-0J9dh6FUgwxkoAHBIvRi&sig=Cg0ArKJSzJP3J30CEN70EAE&uach_m=[UACH]&adurl=

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 6F80 3 KB
1 KB 72ms
69ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:07:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F80 154 KB
47 KB 282ms
282ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 17554123130287843143
tpc.googlesyndication.com/simgad/ Frame 6F80 64 KB
64 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17554123130287843143

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e698a4a3656f72197da0666ac6065c32964060dd429fbc6d60f1a742875c62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 09:28:37 GMT
x-content-type-options: nosniff
age: 94643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65562
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 15:41:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Nov 2023 09:28:37 GMT

GET
DATA 200
OK truncated
/ Frame 3986 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58c8b19d3af0e9c4390d80c079abdb258b38605f3d01b290fd89d0e41c18f6b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3FB5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fbf7fb92c0f6ff3f55ab1529766556517cb03fc70c4ea7f99b226d7c981e4a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6F80 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3aad63d17ddcb74eecd9faedd054000a8077b5187daf73e122d2a0b834aba853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dcf3630cb473269971129992788d8d70 Show response
p814.journalrecord.com/plugin/plugin/ 136 KB
33 KB 10ms
8ms Script
text/javascript 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/plugin/plugin/dcf3630cb473269971129992788d8d70

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

2c7533545a1eb5942c266180a7a72263a42ba8511792c900f069b4a8c65c6d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 55276
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 33149
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Nov 2022 20:24:44 GMT
server: -
etag: dcf3630cb473269971129992788d8d70
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 62TLawqV_WCPKH4YbQIxvbdwsSzwlNlXMLoG44k9v57loAPkqI4-Xg==
expires: Fri, 10 Nov 2023 20:24:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A4D3 102 B
134 B 45ms
45ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2de9efed8be24712fdfcb8a83726e5acd57a10e8ab334ebe55c8d671a217566

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki&co=aHR0cHM6Ly9qb3VybmFscmVjb3JkLmNvbTo0NDM.&hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&theme=standard&size=normal&cb=wmpzcoog0myl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 remediation_1668097843152.js Show response
cdn.userway.org/widgetapp/2022-11-10/remediation/ 152 KB
37 KB 16ms
15ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-11-10/remediation/remediation_1668097843152.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a9e86c9bce35e1d1d05b3e4fe6c3379093f30ae4305105c9a97228de5377994b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 d78805a0dcdbb4f0c955095c7c1a0fb6.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: BUD50-C1
age: 27
x-cache: HIT
x-77-cache: HIT
x-age: 68492
x-77-nzt: AcO1rgWlzvz/jAsBAA
x-accel-expires: @1694018668
last-modified: Thu, 10 Nov 2022 16:33:18 GMT
server: CDN77-Turbo
etag: W/"d48f7aa116aa51e3ab0cb5f8105735c4"
x-77-nzt-ray: ffffffff8b904499f8356e63587d380b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: -9ADQJuSbiXI_1hySqPQgK-sA_rub2ytCSlyaAr5R9xtYxKz4TKv2w==

GET
H2 200 k8NaZP32dkV2g5Oc.json Show response
cdn.userway.org/remediations/consolidated/1021789/ 1 MB
162 KB 1418ms
1418ms XHR
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1021789/k8NaZP32dkV2g5Oc.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bd99b0b4fdfe857b090ecea838b2bca9a2d9530c58afb004774f85f88121b528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: MUC50-C1
x-cache: MISS
x-77-cache: MISS
x-77-nzt: AcO1rgUZqgrB
x-accel-expires: @1699703160
last-modified: Thu, 10 Nov 2022 18:21:23 GMT
server: CDN77-Turbo
etag: W/"e542e683143c7d52ae14da8d82a0686b"
x-77-nzt-ray: ffffffffd88ce5a6f8356e639f53370b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://journalrecord.com
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding, Origin
x-amz-cf-id: 9x4r_OX0e_apamxSWJ0PEba9fcf247frESicR4yzUVFyiAHW8vQPqg==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 10c107e5655bcb04b54abb68039bba64.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: MXP63-P2
age: 3
x-cache: HIT
x-77-cache: HIT
x-age: 9161747
x-77-nzt: AcO1rgW+FCT/E8yLAA
x-accel-expires: @1684925413
last-modified: Sun, 17 Jul 2022 17:46:41 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: ffffffff8b904499f8356e63a158e80c
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-id: gO4VVinPYLiuAedUVQ9EYYi27xgXxtVYJJIs9Zrike-pU7kZ6ClG1g==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 9350ca5a7911a091607e08d042c11ae6.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: MXP63-P2
age: 3
x-cache: HIT
x-77-cache: HIT
x-age: 9161747
x-77-nzt: AcO1rgWadWL/E8yLAA
x-accel-expires: @1684925413
last-modified: Sun, 17 Jul 2022 17:46:41 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: ffffffff8b904499f8356e630b47f40c
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: CX6s70kMBC_8ho5m6ya0dkBS6Pv2Rk5ycdVcSkmGk1zP4qk4dUZFKQ==

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
507 B 337ms
109ms XHR
application/json 52.4.134.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.134.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-134-158.compute-1.amazonaws.com
Software: Aorta/20221109.cd7826bc8 /
Resource Hash: d58dc9c4ba3399c33f968efff82666153cc84c2505764258795cccfda4e5d0b0

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
server: Aorta/20221109.cd7826bc8
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://journalrecord.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: b303a5897d80
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

451

420246.gif
idsync.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=YzozNzJkY2M1M2VhNjkxMjdmMDZjNWI4YmFiOTA0MWY5NA
https://aorta.clickagy.com/pixel.gif?ch=8&cm=CAESEGiU3zg0E2QlxLVTcCGJYF8&google_cver=1
https://idsync.rlcdn.com/420246.gif?partner_uid=c:372dcc53ea69127f06c5b8bab9041f94

0
42 B

46ms
38ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:372dcc53ea69127f06c5b8bab9041f94
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 11 Nov 2022 11:46:00 GMT
server: Aorta/20221109.cd7826bc8
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:372dcc53ea69127f06c5b8bab9041f94
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: dcc3ce4ba350
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

123ms
55ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 11 Nov 2022 11:46:00 GMT
server: Aorta/20221109.cd7826bc8
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://id.rlcdn.com/711861.gif
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 9e5da62a397e
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://journalrecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 320136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 18:50:24 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1830.016-3.025/ 223 KB
89 KB 42ms
42ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1830.016-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 12:31:10 GMT
server: cloudflare
age: 11450
etag: W/"37df7-5ecf4b70390b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7686c8efb98e9bfb-FRA
expires: Sun, 11 Dec 2022 08:35:10 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 6875 7 KB
1 KB 53ms
52ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9ad08053b70c31ecc53dfe72385c083205e4a93c5119328c1a8dca8fc3e0fa7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZXjTfK4q6hFO_6VAYASVWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-ZXjTfK4q6hFO_6VAYASVWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:46:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 215706b3ebb7b68aafd8535385a09862 Show response
p814.journalrecord.com/plugin/library/ 293 KB
92 KB 9ms
8ms Script
text/javascript 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/plugin/library/215706b3ebb7b68aafd8535385a09862

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

26d928240f48c2adef6f117693b730b5879af199010e08aae9b48ab775011461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 242832
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 93985
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Nov 2022 16:18:48 GMT
server: -
etag: 215706b3ebb7b68aafd8535385a09862
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: lw0M5lnzKWjeImnHqUtRavISPtRVsGm1eaHCfPB9SGsWEo-ff7laQQ==
expires: Wed, 08 Nov 2023 16:18:48 GMT

POST
H2 200 LB-Zone-2 Show response
p814.journalrecord.com/DG/DEFAULT/rest/rpc/143/ 1 KB
1 KB 391ms
391ms XHR
application/json 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/DG/DEFAULT/rest/rpc/143/LB-Zone-2?referer=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&bcsessionid=&bctempid=1c3be484-bf2f-40d0-821d-b8cdd28459e6&overruleReferrer=&time=2022-11-11T11%3A46%3A00%2B00%3A00&ts=1668167160310

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

95447c70f712d14efd388a96fd36bac6135dbe0b38bba6a954d7f2b50669fccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 576
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6-YivNzlCgTrVnBaWGRom3kM-RU4EtlcGkpOWjKai2voWx8kj_I06Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3174055483526761&vrg=2022110801&nw_id=13051489%2C21669907858&nslots=27&eid=676982961&pub_url=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&qid=CKvk5feGpvsCFcfruwgdZjcPtA&iu=%2F13051489%2Fokcjournalrecord&e=512&ret=300x250&req=300x250&bm=0&efh=1&stk=0&ifi=12

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 6875 52 KB
24 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 11:19:42 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 6875 399 KB
159 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6Le2xiMTAAAAAFD40x_ZtsDlPGwfRMUy7mVRR2Ki

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 03:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162590
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Nov 2023 03:21:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B65 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2xCbq7wv43qJnPy9RGVDxBlMH5fDdCH0KskKCU76-gEt_yfsc0EFurku35tqTsp4sKPd6KU0sgm2kk_rfPgn9mSqtunhUMOUT7R-fsfcJkp2gHzMUg4jhUGEIDsAXFkTLfChf9in3IZ_nTWz3rjQhwPz_CwTKGhVA4Bf9XuUMDufv79Fy6EI7cVGdxwsKCjwiMQh49BgDl5cfUXsL8FYcg-D730YUjRdEJnKkT4Jyt4cAK8JQjZN_T_jKDOGWGwSzco28zawVkbfJ3RnWjc3Dqj89Ex-TBTRZBDxjhuyPzQgDd_ELeZ_oakWg5PrOhkdP3fIt-01TEA&sai=AMfl-YSDBlB_0H4x2EU_3uHvfPZucX9EkQpHeepJadY4mOvfWp9Gd0WlJ9Ep1Z6SOysEq0Mnz2JdDlxs1doQeTfsU23JVcve8b0giGlZ5lTXhyiZhfYfg0zvJGxa3hQUsCGF&sig=Cg0ArKJSzBIpQ_ATBELjEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B07 0
0 72ms
71ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgiym94HidomaVYn5YArhwrl7yjbbsQ98-sxbKO8nbSKD7NXc4u9wUEAoKGDQuv_My9X70R6Jq2pvk0V2kgGQQGmLQWlr1KoYH9lXbi297OVdjHZ2VID8r60NIyKLmexfU4BMVjwf14b0ID_5y3sh63-n9C-ku1C5zsRj6TWcenGGiE8ndyzsKmtkLUbynmL9Ir3tiBawgZKFJUCuZQptfZGsv5ojsCP_CfhS5SXPB_Ux7hT5BIuN4pc69bFkotPWzPvf4OsMDuAafHipMAXKVW6weOFW4WnOZkn0NCPQ8aFtj6Aj1K_Fzhq7vevN48XKNd0EgXnhI8w&sai=AMfl-YTYGDEbY-rxxxXGKfcYVqbLRgqysKRcikS3wjKPXm0IUkRopsnMAcvexbyb2tBKxYCzIY7u4gCMc3InkJrQUfRYWHKVXLfNyRAFtjkLvM3diGN6_fdy3ugb7vLl1Ega&sig=Cg0ArKJSzPzrfsfZ1MG9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
327 B 332ms
104ms XHR
text/plain 54.145.152.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: tags.clickagy.com
URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.152.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-152-25.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://journalrecord.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1972 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmMT1MbgsZ_ZsInTT1N9xF-BjjEEnplyCflgFtU4bEGkQokCNTaNUq_lcHMNn-oQKXqa1awD-TapqOVAtbF-rnNTi96fAs-dQxFgZJ6aRb2jGM0E_wypUPx0jXgAyblKn9MhmPjcpM6D87cikqNU2w1o_u_ZaiB34wcELPG19w-UaswtC86GYbiXVJ6G42naeMndkGVWmjUjp286T-TsgdfkVfWvQug9b43jXVHBedFLLdKYmouDldB0hv_VI_1-jhekkuGDrEZgARDJOfFjETTVvXOYgapqBi_Af-WH-UAv-k33oLAahL1ElOOq6SOH5ey2CTQvtOfIM88cJb_7nC3g&sai=AMfl-YQFvi46V850KG9LS1Im-QUCsu7HRH-qN5B_eGqwHNQk8ArGkjoGbQdrQoFMRyTre5yVuu1_7zZ_47lY4k3P4jc0MgUhEI5lOIuvsnAVc-Gj8HCnSwfIa4W9P6Jdu5zdiw&sig=Cg0ArKJSzIuL0sEUztP2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3986 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJbWLCSJdgxhv0Z-FewXGtyrYJEx5XQoMUTH6TKoB1M6zwvayOFCwUxRc_Fb5ZmjHSQywo4jSmW6_rBrRzSUYAwR2im1BkMaF_IoiDMlHR979L4206sfTrOHsgf2piIC11_SKNnk9enz4W7uwIrJ2NpZhSLVrLLqQrG1Ty4JrwFzuMvguxm3Ee5bpK0nJ8Cv301NR44Ogo0xLOLqsdG-nTO_Hoktu-zoXd-eAZXZwmH_N866-PxI_amq-0FuhhzWvZR5j4bo6ChWkRbE0iAnK6F1wUqWHlPEnvQiVlT3Kp92gSXvFYGiSn69fyROpnwekGQdJj_Xr47Q&sai=AMfl-YR8ozkRvxY2c92w0eG5CYdQIvFGlMdWLy9Vd-f6JKgu87BNAsX8gV5HTOaPcQtpTRRbXESRxbe_Skgu0amzb7p8Kxiy9s0i0E2ejrqoR3P82a3xfTCmYgQpp_qGaRRQ&sig=Cg0ArKJSzKh6r3WLpe0-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA94 0
0 71ms
71ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLbiUdps7auXe_pdXX5FYPMM7-9rijyqe4Gtr1ZwsaGUmaeIRpK1pPZxZdh655t40k8gMA-Qa8FDgyseg6Je4ks_wmttg6xJzKFjHLACWEATC2CgfgxJLfFVEkJhQQCi0jCSWU-vNpKflNfCM90BibpuGYtVDroD3eW8iOI2Iv8Kb_nFPTVKrPyq1lFNzvskcY-Em1TIpHPIJP6ofPQCI5tzcztGL2x1Ko3b6KWJe-3KEVkTx_U6WAKs4r1C0O-BVIEu2kCHqA43O_x6_J2xUmvgjFZG8kjYryVe2gbQaXS8vRSBazMtpIwWxfHstCpoXh3-2GzXS94g&sai=AMfl-YQqtWB5JYCIfUxAlEftSJ0GULOffnBQq9mIeUKKdohrEppQOHsRiM0MtaSqEHtCZ47KxBCz01ZfYOacVAzBxqW9F0STotEj77Fl26m-7bn_RcceqPIo52OttWmWCT3gug&sig=Cg0ArKJSzNHI0B6Ef1LEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F80 0
0 71ms
71ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKnwClM26h-1iU5tyS6dXSBGCSYaKJqchFT-3Q7bACufJAHECIY3NXIDMfbOkuDPwu39K4AE6jVBKd8Fe06e0bls9DGhXbtLiGk6ohbfCqxf-ztlthv1rPqz58I_RfovvseRZbsgCi758Jobm9vmmHomarAGHEZEJkE90k1dH4W_d11GNP-ScAP2fOGmQEXM14u_DV-DBmNpmuUn2_ccZqQ687ApBR9CSD6K4lzpdXUSEjLcAfR_PN4VmShGVmNOYfV2IjRfw7QofSRoRe9aa2yCDRXq_MO-jbYgDYqve0aqw9gsP-4BQ9orR2tn1ufmRHihzTZONhkw&sai=AMfl-YTXSQvtaLP2HTe3kxGJdMcRQDTIjNc5jPal_BZCNZ2eeJGPsJO9lS2NUZKmCKLbxy-xjROvlemAEvnNHWuR2HKHm0EUmLYxV21C_yfLt2EKb1ccCKu0KfB9p8G9Vjwq&sig=Cg0ArKJSzD816_PG_6IKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FB5 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnP0a4OOnkjxheph0Q5USG9_9dORFZ7WwqboAtX6dhWirjTSSab7ytid71pPPE4BcvzLEIIQv37Nyh2jTpwK-asa6oOS4apwDtVd-VVHhZOdUhdHtQuxzgLxYhWeS0j0YSsWky52aoaLXipLfxJJkbCHd3H-zU-BgRhkm_pjahuhwt-u3TjCQBaZTkbCm21h2N5ckC1tIfVvo5eCepVT1HHycOO0oniNoaFpTZvOnzxiM4KL3JZoV9sCoAkKPOMdN4EuS03m5nkNJxFEf_uyKVLbv281WJl4GggXNZS9rQCWaSPrDDKoYQajirY9CWP_DOi3w_TuN5Pw&sai=AMfl-YSdzZzAWXqTXqPITr5uyBAZtX_o3jazOaCylTxRDaIQ0_eTUjOhfAEakC-BmJvbteTUdn4eEfG6Lq-pKwCNte3GXus52H6T9Daw0fbpxBzWKY1omtYT6r-ArJEVX0T3&sig=Cg0ArKJSzBNgTamzhqofEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 11:46:00 GMT

GET
H2 200 getads.htm Show response
rt3022.infolinks.com/action/ 134 B
286 B 486ms
485ms Script
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3022.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22net%22%2C%22scs%22%3A%22ctpdAHQj-5%22%7D%5D&rid=39b90418-7396-4bee-9ce0-c201ac63af82&jsv=1830.016-3.025&sr=1600X1200&rts=1668167160665&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&tzo=-0000&c=c&strg=true&rsd=HoUmp3LMCf4WszNmzxrirhGl4lMjsc-PGODhx1cB8GbAaYxy4VkweqvBjHNizS5CzTQ12pcP8Vr4NfpvTNr2AyTJiIj3RquQ2XGL6heOmHS156sshHTa1bDW8zqbSwCoyLoi7EoMhPBNJDLFSxJZDLVaY8q8DkUZYTThG9Ci698&rsk=80&rcs=Q_N5vRFupCLkWoWoeNF8Lw&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35dc34de09c4448c29d457fdcaaf11bc4b4f4e048378dd0d3a6dbec0c6860eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 7686c8f22fd09bfb-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/plugin/plugin/dcf3630cb473269971129992788d8d70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 11:46:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FCa/hhOP952OQkelcKy+qMbw+N7/O3IIGTMEWwX66EeEiPif/9lf1DdtV62yAZzwImbh10piN6/dkxLLWffCfw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 143 Show response
p814.journalrecord.com/DG/DEFAULT/rest/rpc/ 381 B
1 KB 375ms
375ms XHR
application/json 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/DG/DEFAULT/rest/rpc/143?referer=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&bcsessionid=1c3be484-bf2f-40d0-821d-b8cdd28459e6&bctempid=&overruleReferrer=&time=2022-11-11T11%3A46%3A00%2B00%3A00&ts=1668167160758

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

15d6c3b71761edaa7e45af4ed755888c92da0337ff3075c0423ec19656353e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 179
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 1vellcg86G-JBWW9UiWqDzjNJ9LXO6preQmSpCWlZjKqqLv3L_gdHQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 143 Show response
p814.journalrecord.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 376ms
376ms XHR
application/json 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/DG/DEFAULT/rest/rpc/143?referer=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&bcsessionid=1c3be484-bf2f-40d0-821d-b8cdd28459e6&bctempid=&overruleReferrer=&time=2022-11-11T11%3A46%3A00%2B00%3A00&ts=1668167160759

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

56e4554cef4b64c35de9e31dd94725c921390124ae37c4597c48683dbcdc7963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 168
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: xskoJLWTR8_bDIRzs5ygF04mRpwC-KNdnKh3Aezg62RKhsRzcxRKpw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
bridgetowermedia.blueconic.net/DG/DEFAULT/ 66 B
854 B 111ms
111ms Script
text/javascript 100.25.1.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bridgetowermedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=1c3be484-bf2f-40d0-821d-b8cdd28459e6&&callback=bc_json145

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.1.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-1-9.compute-1.amazonaws.com

Software

- /

Resource Hash

c731cf3637012a16e4601706036d0b29258176a9b95b108cddc18b06ae959acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 143 Show response
p814.journalrecord.com/DG/DEFAULT/rest/rpc/ 191 B
1 KB 379ms
379ms XHR
application/json 108.138.17.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p814.journalrecord.com/DG/DEFAULT/rest/rpc/143?referer=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&bcsessionid=1c3be484-bf2f-40d0-821d-b8cdd28459e6&bctempid=&overruleReferrer=&time=2022-11-11T11%3A46%3A00%2B00%3A00&ts=1668167160767

Requested by

Host: p814.journalrecord.com
URL: https://p814.journalrecord.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-109.fra56.r.cloudfront.net

Software

- /

Resource Hash

726eca8cfd2524ab4bdc6347939b1313b60bf4e8188a41f68ffb2df44ff05790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 168
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://journalrecord.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: hxxdfddGkKKdASDlEab0_d5oCssJH4tVjb8DZlgPcfdb9kLBXWtsBA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 408727139351532 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/408727139351532?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71f7faf092fd94dd90b88197469d69f29720ed82dfd23cd288e7c71d94049d41

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 11:46:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JCSHWAT1OcEBrR6Mdsi/DMLNidlSV4ULT8E91DrLQX+n+DdNk8UM/By+hRDckfdXXjCMLVLkhmUh9ReVPHQ5mA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en/all.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a219524f820014c6dd7197b4d4ff911824a4c384b5f614b55b3ac02147e2b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 11:46:01 GMT
content-md5: NqgKbM932NsRhU6BQWrZdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: piO4CPQ0RLcpx0xrHoO9sEAPQ+QFDRT7P9Cj0mbuWa37CDq2hM1eIY3GIlcgoQdf7lqtu76gyvssaQGHATHdEw==
x-fb-content-md5: 41328bd351cf39b0e965d7d65ca1e672
cross-origin-opener-policy: same-origin-allow-popups
etag: "978cd37560232d92effb0ddeab4256a9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Nov 2022 11:56:58 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 138ms
44ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e7ed3170d46c0c30cf8f19f2b4084ba19161c7da2fb49e7d78001075ef28b4c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 11:46:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20983
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f73a0a40ef73d170"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Nov 2022 11:46:01 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 100ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 11:46:01 GMT
Content-Encoding: gzip
Age: 12
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29221
x-amzn-internal-status: 304
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/67F3)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 container-1.0.html Show response
resources.infolinks.com/static/ Frame CA1C 430 B
434 B 52ms
51ms Document
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-1.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1830.016-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12370
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 7686c8f53fd09bfb-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 11 Nov 2022 11:46:01 GMT
expires: Sun, 11 Dec 2022 08:19:51 GMT
last-modified: Wed, 17 Nov 2021 13:25:02 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

GET p
i.simpli.fi/ 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 132ms
53ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a048874214e809b3ee898cf8c0c64a42c9f1f16def4dc9cfc707505fd4e6a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11126
x-xss-protection: 0

GET
H2 200 nav_menu_helper1668097843152.js Show response
cdn.userway.org/widgetapp/2022-11-10/remediation/ 22 KB
6 KB 9ms
8ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-11-10/remediation/nav_menu_helper1668097843152.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 083e6208aceae273cd38170fabc99200216598a45ed3c8b323983795365a1af5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 11:46:01 GMT
via: 1.1 d00a1eb2ccbcadee246787853beba6e4.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: BUD50-C1
age: 9
x-cache: HIT
x-77-cache: HIT
x-age: 68480
x-77-nzt: AcO1rgXAD2f/gAsBAA
x-accel-expires: @1694018681
last-modified: Thu, 10 Nov 2022 16:33:18 GMT
server: CDN77-Turbo
etag: W/"c48039974528005aa834d679a9d6dd4c"
x-77-nzt-ray: ffffffff8b904499f9356e6310ff8d09
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: tfhfd4PcGpefr5_cNjQIUAxfFN22zJOGneW7yipdH_bDYhFyLyPQZA==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 302 KB
85 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=231e5fe6651d2e0ce937cf057b525e06

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9182bfca788d0ecd8b43e7330a5588b1b69e1b1940f74bec5ad1a6f8c230d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://journalrecord.com/
Origin: https://journalrecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 11:46:01 GMT
content-md5: 7nhlYsqMU94SRV0mH78M9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86724
x-fb-rlafr: 0
x-fb-debug: lXHpXhXcnjw6qwLs/s5lpOW/zaphfvponnC+Iuc/ENIyiTB/IM5BApBt4mOHczQmwSsuGLTZODTyRhvbsoYdcA==
x-fb-content-md5: bd21e7463fb4e444395065d78c94d092
cross-origin-opener-policy: same-origin-allow-popups
etag: "95ddf6ef181aa99599910b7a4e79c4ff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 11 Nov 2023 10:18:42 GMT

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame D8A4 0
23 B 53ms
42ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21c56015605a34%26domain%3Djournalrecord.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjournalrecord.com%252Ff265ef3ad791ec8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=231e5fe6651d2e0ce937cf057b525e06

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Nov 2022 11:46:01 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: JAtbKQwrAvHoltsLdy4UvPDML0m/iXnpNfAEauLcsB04LXn86ksY7QnEZqdofO4+CgcjxA+8EUuFWuTqOrTzNA==
x-xss-protection: 0

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame CA1C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=bebfd275-c251-4825-8522-b83edf488e86=&partner_id=3337
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=bebfd275-c251-4825-8522-b83edf488e86=&partner_id=3337

95 B
122 B

71ms
40ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=bebfd275-c251-4825-8522-b83edf488e86=&partner_id=3337

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resources.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 11 Nov 2022 11:46:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=bebfd275-c251-4825-8522-b83edf488e86=&partner_id=3337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame C182 320 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fjournalrecord.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 739512
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Nov 2022 11:46:01 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C182 913 B
696 B 131ms
110ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=dca2eaf8fc0cb9dc135484eda46bd45df19796e3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fjournalrecord.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 11 Nov 2022 11:46:01 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: c6d6fdae5b58bdd9
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 17b03d37868eb097449a169068f740c2aa45a244d457da5456ea7d8ecdde89a1
content-length: 374

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 11:46:01 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 146 KB
50 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d78676babff3013075446ab110ddf03133f87d862dd52c1c95f6c8ef3b4ad7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51273
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 09:56:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCB3 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:09:42 GMT
expires: Sat, 11 Nov 2023 11:09:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3BE 783 B
535 B 46ms
46ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75ff0eab78501f9b8be7a0fe2a5ccf6c4bd859109dcacd02e20e100f05a8a0c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kd31Cqm0Sjrfzcw-JVOPsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kd31Cqm0Sjrfzcw-JVOPsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 11:46:01 GMT
expires: Fri, 11 Nov 2022 11:46:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3BE 0
0 72ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110801&jk=3174055483526761&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame CCB3 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 11:09:42 GMT

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 8ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 11:46:01 GMT
Content-Encoding: gzip
Age: 739512
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
Server: ECS (frb/67F3)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.644279d1635fd969e87af94a98bd232b.en.html Show response
platform.twitter.com/widgets/ Frame A10B 37 KB
14 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: e44458c2c9acea446178d73575b53255ee7ba669c33cb20cfea94b90908f921d

Request headers

Referer: https://journalrecord.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 739512
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13753
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Nov 2022 11:46:01 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
103 B 123ms
122ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1668167161476%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=dca2eaf8fc0cb9dc135484eda46bd45df19796e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 115
date: Fri, 11 Nov 2022 11:46:01 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 11 Nov 2022 11:46:01 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: ff951211c7dc0d19
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 17b03d37868eb097449a169068f740c2aa45a244d457da5456ea7d8ecdde89a1
content-length: 43

GET
DATA 200
OK truncated
/ Frame A10B 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B07 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLZPB9Fl_v4JV3XwPkPTGpMk6s0RWt7mkPEAToWUsvPP5lU7nx06trq8Ud36QqiD1-q1TtnzbeJUI80KCqVAF1d6Hw0CVzh6zqmd9PuMD9btrRrKw-&sig=Cg0ArKJSzDmA_xsq-qL3EAE&id=lidar2&mcvt=1017&p=67,652,157,1380&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2048605767&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668167159813&rpt=715&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CCB3 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Cd1ChA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 180ms
179ms Preflight 44.241.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.209.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-209-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://journalrecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Fri, 11 Nov 2022 11:46:01 GMT
x-service-version: apps-bf5bf1e2

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 226 B
565 B 446ms
446ms XHR
application/json 44.241.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.209.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-209-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b9264b436679a6255259dc7205a6d3c8896ee4a46747b99a89c3d338e6c83d4b

Request headers

Referer: https://journalrecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 11:46:02 GMT
etag: W/"e2-ca5AfL2oe4YHS0P5Y3PIylc23WY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 226
x-service-version: apps-bf5bf1e2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1972 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSvfctdj4ZfzMTIWkYLeDenhd67zDis0MkXHI2J_M46dmIanykkLMQTKuXmWOXlgjftuw1b8frFHMzPaQkFL4ZKLXsClaoeG0-Vq1ZGuLHrBKHaAsz&sig=Cg0ArKJSzESsm14dzmiXEAE&id=lidar2&mcvt=1041&p=918,380,1168,680&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4046569736&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668167159851&rpt=702&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA94 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlmG50thm9L1cldvqHUgtWwx0-8PS7CheZKZnqQ7cW2ByVkBzpop3iuTia2o4IC3yUhEkxufJjlOj8Hgk7Lds5YXKeI2DcUZyPpvDQIO8zrc26yFl4&sig=Cg0ArKJSzMBphUsxt2FoEAE&id=lidar2&mcvt=1043&p=286,1080,536,1380&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=170092012&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668167159745&rpt=850&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:46:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: journalrecord.com
URL: https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f35f1c7530f7024e1bfe728071e547c04bdfff8955d0bfc9a514f10c6dcb6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27315
x-xss-protection: 0
server: sffe
etag: "1390 / 747 of 1000 / last-modified: 1668121631"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Nov 2022 11:46:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110801&jk=3174055483526761&bg=!MTKlMnbNAAbvMpMzzzI7ACkAdvg8Wm2rZ5jMkPxjF1p6Ml3DUt453tdfHjf18zI2Gj3kUimlemgOOAIAAACAUgAAAAJoAQcKAOktVVKY0FUHVC0Xh8j-RBFRQB-Nqy5ZsoB1xnkOT6Rdf-gn4OCLfnx2rwl8ozOkVP5UVxncTRzOj2sP50VUH4bfykfxzbjwkIiML_Htfkk-DwFgcGu2H7pIX_lMFP3Q5phZP78KNNQUFrrmeplECCX3RJT8hZU3yxcEd0GLnoop5pqB24HMiXq-FGdgJ8RirzVwGVpe7xR4Cs9QDei4l4nP7hT0JliXa_wttIQLHzMZzScJ8zzCMFdFvqWBQ05-OAWADb-W14OaYOblR0T2RXfFyOwvygAoM5f57_mf2axc1AeKTyc38boI5JkCqCkrsdO7WdhymJoPbDQ_FH2uAfzgzJAOcqpBlyor62_Y4jNjpNt00_Vl-Wnm9bd2uW7cJ6moDvoiBW1GAusu67WAgBbCEIu84EuRT624sl_YvCuWlUGSR9Q3rzB5x-eDfDNhSrAAIqtc_dK9f7JjDgV637_RfWyKOgH_BoB2IoqBfKJ7HYg-O3wo0u2byqkTIVKyTdz14KPxIH916byK3QIvVIhq3-paAlM3rnnFw1dDtR3eUku4xGJthrjYnTuhZH8Z-BUpdb0ZF55-a07CFAU2W4vGMYvzhTOx3hicPDFgPpeo7aX4xAwtRVa1hn0YTwahetQlcfARFDZ7p4hJ3Ff-ezf_83dA5Dfcmo9-v_i50pwYv0Go9l87BLjiqmpoD89x5KlMFb2YJhEdOWPBGPgZgFsXr1zvMx9YgqD8vbpu-r6Q6zAboRanRCDGO25T8HVHaw9ccDEsfO_xxvfoA6BdxtCDB7pujUS6Bc4x81M_8K_9C3awn7yQRaXQgji8eyNF5jOT0iOqOVAjPIrJiYHdO6xFTRiI1AVPjin2-abmtbBtonuNhve2FeJDD440rzuCaFOPgOZzF4cLuK9GoX33-s7Gk6sRJsbyzQEa063sOY2HkyW6yjN6KvF_yUybgMeoAqBJfSHKmTS2b0wednvx7q4OGC4NzzxLrwSAZlrPlz36TCb-UBaNl2rxZ9a2wC3hKOMmB3k737U7fXFZMa_dkRyGurfyMag_KKSq1Wbwe4dcZTtaWyDz7xXP1f4n4sRIoMnb7uwcYbVUapH6PYJJyS9Z78HlaYoXHGVd9YoB_305SCq9xfUfEmplUBFv1LFdqSzK6R6O95x-fl6Y5kZj32JSQBkOSBZyuFoCYRVk63Xdf77U_3jFxStU_WB3DajscUN5zNmJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 6137942446809977 Show response
api.userway.org/api/remediation/moderation/by-page/1021789/ 3 KB
4 KB 179ms
178ms XHR
application/json 44.241.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/1021789/6137942446809977
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.209.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-209-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:02 GMT
etag: W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr3367ebe56e2c45f
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 3350
x-service-version: uw-pr

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F/DESKTOP/WIDGET_ON/ 77 B
417 B 182ms
181ms Fetch
application/json 44.241.209.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fjournalrecord.com%2F2022%2F11%2F07%2Farvest-winterfest-to-mark-15th-anniversary%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-11-10/widget_app_base_1668097843152.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.209.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-209-103.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://journalrecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:46:05 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-627375bc

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.compete.com
URL: https://c.compete.com/bootstrap/0406a660fcef05313cf19e49a64a9f9b/bootstrap.js

Domain: i.simpli.fi
URL: https://i.simpli.fi/p?cid=296309&cb=sifi_att_1999756921058292._hp

Verdicts & Comments Add Verdict or Comment

323 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary	1969-12-31 23:59:59	Name: logglytrackingsession Value: 155c7d84-63a7-4d30-bbab-9313d25d10dc
p814.journalrecord.com/DG/DEFAULT	1970-01-20 16:58:47	Name: BCSessionID Value: 1c3be484-bf2f-40d0-821d-b8cdd28459e6
bridgetowermedia.blueconic.net/DG/DEFAULT	1970-01-20 16:08:23	Name: BCSessionID Value: 1c3be484-bf2f-40d0-821d-b8cdd28459e6
journalrecord.com/	1970-01-20 10:44:23	Name: blaize_session Value: f35b0d9b-2aa8-4ef4-a45d-f3e48f54ff85
journalrecord.com/	1970-01-20 16:58:47	Name: blaize_tracking_id Value: 677daa7d-3c3c-4706-91f5-344712476573
.simpli.fi/	1970-01-20 16:09:49	Name: suid Value: 1F9535D00E254D2AB819E4B689884B4C
.journalrecord.com/	1970-01-20 07:22:48	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://journalrecord.com/2022/11/07/arvest-winterfest-to-mark-15th-anniversary/%22%2C%22sref%22:%22%22%2C%22sts%22:1668167158912%2C%22slts%22:0}
.journalrecord.com/	1970-01-20 16:52:11	Name: _parsely_visitor Value: {%22id%22:%22pid=be19510ea9f6a722435b2b71f1cec4ce%22%2C%22session_count%22:1%2C%22last_session_ts%22:1668167158912}
journalrecord.com/	1970-01-20 16:08:23	Name: cookielawinfo-checkbox-necessary Value: yes
journalrecord.com/	1970-01-20 16:08:23	Name: cookielawinfo-checkbox-non-necessary Value: yes
.journalrecord.com/	1970-01-20 16:58:47	Name: _ga Value: GA1.2.1763838936.1668167159
.journalrecord.com/	1970-01-20 07:24:13	Name: _gid Value: GA1.2.1252727562.1668167159
.journalrecord.com/	1970-01-20 07:22:47	Name: _gat Value: 1
.journalrecord.com/	1970-01-20 07:22:47	Name: _gat_DolanRollup Value: 1
.journalrecord.com/	1970-01-20 07:22:47	Name: _gat_NewMediaTracker Value: 1
.quantserve.com/	1970-01-20 16:53:01	Name: mc Value: 636e35f7-5c78f-2ca6c-6e9da
.doubleclick.net/	1970-01-20 16:44:23	Name: IDE Value: AHWqTUlFEioi257mh9j9WZtrQWfkxU_gqPCCnnOLqGOo6OtKH_UquuRfT_PnKtF8DWo
.infolinks.com/	1970-01-20 16:58:47	Name: cuid Value: bebfd275-c251-4825-8522-b83edf488e86
journalrecord.com/	1970-01-20 16:58:47	Name: _omappvp Value: m6BRf1cGlLQh3ZbHINVGkWAEou2tDQP1BJnwjUchAeOJ1SSE3LdqdFqrEodbK4HABwBN8QlrjC84nABv1qEefXCUzstkO7FC
journalrecord.com/	1970-01-20 07:22:48	Name: _omappvs Value: 1668167159406
.ws.zoominfo.com/	1970-01-20 16:08:23	Name: visitorId Value: 8cd47f35782aea1d6afc0f659c0b193d36b0574476ad66cd2fd883ed8b75de60
.zoominfo.com/	1970-01-20 07:22:48	Name: __cf_bm Value: r4g3gQy0bckdL8k6SzWYJT_0JDhJrigrtzCjSZDN93A-1668167159-0-AcRYyc6kX2g3mihxxuHva0G4X3+m0D9eUHJNyQxniUiVxw4iiuPFqMsX/nEVmtJuTv/J0LT9gKKohg4J2KpdkL0=
.journalrecord.com/	1970-01-20 16:47:15	Name: __qca Value: P0-872078422-1668167158886
journalrecord.com/	1970-01-20 07:32:51	Name: AWSALB Value: Wr7Xj5seTj8EeTyaUN9dWjmHMJ0pN0XAxfRFBJEPKGRpPschkKyrwEJmODGZ3PzKqW0aNIM8zsp7kpgwNhUpyekDIetMF6uqsRM5938Ped/PvSkJL45gL7R2JbO0
journalrecord.com/	1970-01-20 07:32:51	Name: AWSALBCORS Value: Wr7Xj5seTj8EeTyaUN9dWjmHMJ0pN0XAxfRFBJEPKGRpPschkKyrwEJmODGZ3PzKqW0aNIM8zsp7kpgwNhUpyekDIetMF6uqsRM5938Ped/PvSkJL45gL7R2JbO0
.journalrecord.com/	1970-01-20 16:44:23	Name: __gpi Value: UID=00000b7fb4ee9372:T=1668167159:RT=1668167159:S=ALNI_MYnfuISv6RpbfKoz7fOhKiD7Gb49Q
.journalrecord.com/	1970-01-20 16:44:23	Name: __gads Value: ID=50eeff8a79e9481e-228c7a3372ce004c:T=1668167159:RT=1668167159:S=ALNI_MaMPa_m9IRVdq9FQ7tAZVqEeOU0BA
journalrecord.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 1c3be484-bf2f-40d0-821d-b8cdd28459e6
bridgetowermedia.blueconic.net/	1970-01-20 07:32:51	Name: AWSALBCORS Value: eZAdOs4r1B8ZbHG/Sg14YMyhNo2i4ajgaeGiWmCor+Uea2ULBEHSmVinT0vsL5fGNZS0JJaexGtqlzOsw7wTIeVV9UhujJZprBsW6iVt6fxuxcRQwdUQsChngodN
p814.journalrecord.com/	1970-01-20 07:32:51	Name: AWSALB Value: 6JJ2pfzZzO0l7B+PKcq+zzyADjyZUc/65skGOpBT+puionRZtRp+yEno30QrucvEMGNxFAYMPu0Scr/3tS2nBchcAUVDw/z2cmOKzv989ZCrKgd3fqabCS/WTDkV
p814.journalrecord.com/	1970-01-20 07:32:51	Name: AWSALBCORS Value: 6JJ2pfzZzO0l7B+PKcq+zzyADjyZUc/65skGOpBT+puionRZtRp+yEno30QrucvEMGNxFAYMPu0Scr/3tS2nBchcAUVDw/z2cmOKzv989ZCrKgd3fqabCS/WTDkV
.tapad.com/	1970-01-20 08:49:11	Name: TapAd_TS Value: 1668167161332
.tapad.com/	1970-01-20 08:49:11	Name: TapAd_DID Value: 6028d262-1328-4762-bef5-32a38a626ce0
.tapad.com/	1970-01-20 08:49:11	Name: TapAd_3WAY_SYNCS Value:

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.compete.com/bootstrap/0406a660fcef05313cf19e49a64a9f9b/bootstrap.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://analytics.apnewsregistry.com/analytics/v2/image.svc/OKC/RWS/journalrecord.com/CAI/post-691784 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:372dcc53ea69127f06c5b8bab9041f94 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://i.simpli.fi/p?cid=296309&cb=sifi_att_1999756921058292._hp Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
adservice.google.com
adservice.google.de
analytics.apnewsregistry.com
aorta.clickagy.com
api.omappapi.com
api.userway.org
apis.google.com
bridgetowermedia.blueconic.net
c.compete.com
cdn.krxd.net
cdn.parsely.com
cdn.userway.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
edge.quantserve.com
f5b370301eba121ff11a3e827d7eb72c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbx.media.net
hemsync.clickagy.com
i.simpli.fi
id.rlcdn.com
idsync.rlcdn.com
in.ml314.com
journalrecord.com
maxcdn.bootstrapcdn.com
ml314.com
p1.parsely.com
p814.journalrecord.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb-logs.media.net
pixel.quantserve.com
pixel.tapad.com
platform.linkedin.com
platform.twitter.com
prebid.media.net
resources.infolinks.com
router.infolinks.com
rt3022.infolinks.com
rules.quantcount.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
tag.simpli.fi
tags.clickagy.com
tpc.googlesyndication.com
warp.media.net
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
c.compete.com
i.simpli.fi
100.25.1.9
104.244.42.200
108.138.17.109
13.32.121.17
142.250.186.162
151.101.130.133
169.50.137.176
172.217.16.194
172.66.42.247
18.155.145.111
18.66.100.58
18.66.112.59
185.59.220.194
213.174.159.12
23.35.228.23
2600:9000:223c:2600:6:44e3:f8c0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:4400::ac40:9973
2606:4700::6810:a852
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:14a0
2a02:6ea0:c700::11
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.107.148.139
34.111.234.236
35.227.248.159
35.244.174.68
44.241.209.103
52.4.134.158
54.145.152.25
54.155.18.159
54.174.82.79
000fde3b908b576fa4cb9cc581630ad9b29e51b694884206b18bc73ce82dd99d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0389712513fe2aa9f229ad777f458dbae1852c58c9c57d011d7bfbae3469d6aa
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
04172e8299d44bf2ee976d5990a03db517539ae40ce8a9b9100e079a39433515
083e6208aceae273cd38170fabc99200216598a45ed3c8b323983795365a1af5
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075
0a904bdffeaa6adf503ebd227303a2c0e8e534789a39376f602727bfab444c00
0aff0abfe1eec2bb02ed960e35f89e6dda7e54ddc95c80cad43bfc8a319f64f7
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0e9fb7a8706c535cecfeb548672340fddf82d8b180cf00149476d62c75e58210
102b2cfbc6ef9c62904cb93b7ac2037584acbc570460f52ad05bf0f88f4cbc48
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
15a0c14d9b734ab565bab7148eeeb802babe7bbe6e03f4068fb528522297b7a1
15d6c3b71761edaa7e45af4ed755888c92da0337ff3075c0423ec19656353e0d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1674937eea357b366cf071c614040b5248d6c82c0316bf0a4f8405748ea68c6b
17bcafaa9b8aa4e9a351dd1fade8e49e63ab09fc2653f5b384bb05c8660ff765
1b6a4f8a6e6a7258374c1b611b5127b5971acc7678d261b4906ba53ae2c5d18a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9b4e5a2c510f699fcf2f911d4c20750e50292f09fce09665a1ca85fd808d03
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1fd355a27b4594f2f689bc3566c857077f15bfed9da9a08bd5e6e0b06a476b74
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
2607dee5a24b3ca771b41354f1f4d0b9be1fded4f5e696ffa08732989c5c552e
26d928240f48c2adef6f117693b730b5879af199010e08aae9b48ab775011461
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2c7533545a1eb5942c266180a7a72263a42ba8511792c900f069b4a8c65c6d6e
2cbe71751fa590c6d887f70f0561ba4dbea8146fc6b1b2f101ea6ecc1182d356
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2535658a5b72091fdd916cf8f433710da212e3e8a114c5bd07ed4833e6848e
2e42f143b521ff3d7aee29aad2f5ac1c577a5e0be9f50b888054fea78e7a2638
2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38280b105aaf9579313af804e9ff67b2cbc0387f35b62c144603c9c0ece8416b
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
3aad63d17ddcb74eecd9faedd054000a8077b5187daf73e122d2a0b834aba853
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f35f1c7530f7024e1bfe728071e547c04bdfff8955d0bfc9a514f10c6dcb6ce
420033f9eaf95478a450e558f93ae6d7a5ad950c3e78f38832b47f9e2164418a
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
427621afdf242d5e7afa7223b6c49e1a6e78050b2f875be4cf4885a7a1404cc4
43ce99c68e674d72785e3e92f7c40d9c568507e2fc734a573fca330a262620a4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47583c4710fe44264d54d741ba58094f458549c6edf67e88661fa8295f219a4d
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4be9f04088ae4eb23b29ab79e8d1bcc69ec911db34210386376a5c0062ca2e51
4c575d7b5e992646a036af8b95013bffb3b54c8093d6b593219d1b27c550a9a2
4d00897ca3a4b27f205d78f528e5092360c165aca6cab554f8137f311933ab11
4d956a758ca48121e4434c413596334c6b0f3cda0e622ada0d73c41d39eda526
4e7060149a05c42f5abb8b1929c8f787399d31746a1f50f72055597a582bcc94
4f14794da48c2c865237e999622aa6428d15c201635e4ce223f3175038393208
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f5c4fe04604ad6f1a3717652d0ecef27caf72262ae8c403b823f18e6b90f50b
4f885b50bf51765b54f8cbb76562e404107c35df93dd2c1646cc4121b3fa5778
512bc7d30635b1a46ab830f9b7e0ab12b35b4d799a23a91b067452567b150c3a
522630e96f30a74a844ae6b444fb56f3920e6b458c45ae3c8fa090498aaa091d
5328ebfa03ef9fb15df31b4c6a2efde956c132f8a34182624d6da6a62191c787
542c1569e5c5c152b53cefc0602bf485f0403aef913435340898ce6903298dfb
54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e4554cef4b64c35de9e31dd94725c921390124ae37c4597c48683dbcdc7963
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
582a1e1bebec2922ee282614d165942348dc5d39c646aa53dcf13346984ce825
58c8b19d3af0e9c4390d80c079abdb258b38605f3d01b290fd89d0e41c18f6b6
58f74e686a36c39e942908a2ca1221eae23600cfca5ae26ee162e6b83d5f88cf
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5cfb1bbe45960d60b89d0a43485163e957e5d8b99014ae6cf9770fc8a99643a2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5
689acc7446c2b71cc1c59b4f0d3c4301b16bfb0ffe7708521d4317212881305f
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
6a219524f820014c6dd7197b4d4ff911824a4c384b5f614b55b3ac02147e2b03
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e698a4a3656f72197da0666ac6065c32964060dd429fbc6d60f1a742875c62d
70be816b925d31a15bb091ae13f49c9f5c36db863b14152ae7686a9f7aa7362f
71f7faf092fd94dd90b88197469d69f29720ed82dfd23cd288e7c71d94049d41
725eccfe3178cdf633236b4c9d324c55b3610f73713f7e53b239f964b5a086b0
726eca8cfd2524ab4bdc6347939b1313b60bf4e8188a41f68ffb2df44ff05790
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
752256c91aa8672c8cf46c61cc3c1db92018664de4f3a0840a629d68299e6c9f
75484114130fd537cebce232f092276161a2abf3c34f9dcd40436d30a95d49ad
75ff0eab78501f9b8be7a0fe2a5ccf6c4bd859109dcacd02e20e100f05a8a0c6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ee2601a50c8ca82b4d73738c6b2381db38ed1e341cfb5dbce38d9ce15132323
7f2f45a60435d34aa62ddf61aff36546b193eb55498e7904903ecc83b7b5a3b3
83d3feac92105cd902baf956709cb1a3460a61cacf14b6bf0eebda6fd3491a02
83d4c0357bf2c61209cf355c4a4a6358feb3b645c1c884c8033c6f71fb4a2beb
84cb4fdf0831f2b123a61b867ebc400e65a157d2e4049ebe8d59dc6a99ef3226
858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd
86f3f0fe1ce28a921ab7b85d5dab32975ce0e7b0391dd9d8f3f7aa5295fe7375
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88693cc8c9e7e6e4c95ec82563c8c07f3260afa0048fe62c9dce2e3f717e898c
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c106f968e6dae4cc1049fd8205860cbd57eba3b59803c5688a1f417b57d9b65
8e7ed3170d46c0c30cf8f19f2b4084ba19161c7da2fb49e7d78001075ef28b4c
8fbf7fb92c0f6ff3f55ab1529766556517cb03fc70c4ea7f99b226d7c981e4a4
90170c06cfc78164ffb53c71f2ad709278e24ed7235dc52e5aa173effde6bb20
90675f40d202b9d230c1e75f8c7a9b7ecea4b95f86b87c609d63a1eeccb1af65
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
9182bfca788d0ecd8b43e7330a5588b1b69e1b1940f74bec5ad1a6f8c230d274
92fd05238c68ae5b9427768681489ebd3a4f8569f2deea18c1afc7b7ac5ae574
93079b8d7b19bc776aca7bf05eea812f3b6e6f85b6fc6babc72d36d0c9f83418
94cc6fc0df47398e88be23aaab41c2bd970aa8d3f3a7677d1552874b4d2f8d81
95447c70f712d14efd388a96fd36bac6135dbe0b38bba6a954d7f2b50669fccb
96fdf28a15fb14d1f93c533a7d9b34039949daf4da7d89ca1445885d46875a05
9743ce1b7ff4f2cc5f82030854a6df6b72f0369319a6376b9b058c8b005bc100
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98a8943f4e5fc8441a2dfc9020e93d9a79af966250ee85e61a3f48a73a7022fc
98d37ae53e1026f4920286146b3bd513afcf0e5514102a6a3465db9bcf50c8cf
9907d4db6059976f4bcb9682fb430be16077c408b5df0effe5f68baeebe1147a
99f6c321700a5865609e1b091de162adac6930c417008251e0f69c9857b87a1e
9a048874214e809b3ee898cf8c0c64a42c9f1f16def4dc9cfc707505fd4e6a0d
9a91c83ac7a49f003ab0902a19dcc5579ce9f19370550fd66ad4fc96f39ac251
9d78676babff3013075446ab110ddf03133f87d862dd52c1c95f6c8ef3b4ad7c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f46232cd65b333e4786cf9486789d8c471abaf483fd99b717c44bdb17cb6302
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a06f19c748e7e08b4db00b3b8a47284330860c06e973a735a0782a2222ce0ee5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7540f071e0413fc323a966c1020888298072205fb4419b53d4e0f61cbac2350
a7d5cea83f226a1fb76d1c207d839507a6ed44c9bde9fd1cd43663de984a1922
a89672e008b883292445ec72f7e774bb645feec3c59a3ba2400bec348a6b2ece
a9d4257343c68dafcf41aa2c76e7b3c916ff2afd57adf6466e8d1969290c0bcf
a9e86c9bce35e1d1d05b3e4fe6c3379093f30ae4305105c9a97228de5377994b
aa0ffc128e526f3ab9f3430ffd422bea9b036ebb3d9986bef93387baaf1ca2ff
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac926eccf34e61def4839b01b88b0d4cad54e4dfc2151b69f7afaab7880936b4
aca647dc91588097e23565df51f2e3e070b31f936407bfcf56238463b6676fe8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afcd26c36c7fce81fb68fe0ded7442480f5dd3ff8c6cc1fabdf7df8467a5e4b3
b0fe89d598be359ee97fe733ed22c4c2c7930acca96d55d66123fba4168671de
b110aa67ac6e01ea6e332196b3c0b736c370272b00298a6d8a7074908296d385
b1b4082e09dc24c18e2ab0a2c20cae130c79ff2d158d5445e35aef56d79dd4c1
b35dc34de09c4448c29d457fdcaaf11bc4b4f4e048378dd0d3a6dbec0c6860eb
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b600f1dc62b172effa1611f27da2410354b23d9bc79f34a525821752fafcde83
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9264b436679a6255259dc7205a6d3c8896ee4a46747b99a89c3d338e6c83d4b
ba2374ab4da2d4aef41002457baee004bbeb475f3b0e12d8dca85b4a04630b2a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd99b0b4fdfe857b090ecea838b2bca9a2d9530c58afb004774f85f88121b528
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
beff6bf6593a535b744ce0535c2960efaa233fa4eb4ec710bfb15e3964308d4b
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5420ef80b0993ad9cb1b745682ef732d48ad25cf05d52b72c9f0a381a727069
c623a7e42a18eb36dbc01c9842619171ddc28f8eca20a13c348b74d55722f265
c731cf3637012a16e4601706036d0b29258176a9b95b108cddc18b06ae959acd
c786f57d0e387b648e714e6c3d86c536b2bf0324dabee636670a15269d71459e
c8904e3972e2d84a7e2f4e93b99b991cddf5039156cacbaa1b900bc35b266d97
c9280a2af7b2aed15efee50c2b5831a65969a2bf7f7ee877173ecfc9523560d6
cacf341856a2e2a2168fdb8229f7d686452cb8b69f7deccb6fa123347a6efad6
cc0b53c6efef7a5a5dc52d0cbf7db98d5d0708c093b1aec380497e7f5a9197d3
ccf96a52f5ed61b87840df5971494343d64b416b45cb1379a4aa6649939665b4
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cde8dd9b5b9c9b1b224470c9135276cd4fdbb1532e4214e3d4013c7acbd3f623
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d21252493c366bb141930f173c9e8e6b6a65b0af883e2a8e6d0bfd90f2fb4083
d2de9efed8be24712fdfcb8a83726e5acd57a10e8ab334ebe55c8d671a217566
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3eb4ba7978b0c89ef74df200f23f3fd1f4eddc5889a9976cdb9aebef14ec67e
d3f7bbbb88908e7fd5a29b3a9f193bd51e0979027bd53cc2107d39065a81673a
d58dc9c4ba3399c33f968efff82666153cc84c2505764258795cccfda4e5d0b0
d5a5b823736fd7ca1bbc5aa581a96c96f1fba64aa31a741e1ce7bf976466750d
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d98d42a273525ca73398f50f281da9c331c184ae1f3803156a7e1bff7fbdb8e4
d9ad08053b70c31ecc53dfe72385c083205e4a93c5119328c1a8dca8fc3e0fa7
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dd9ede29e56d0b6ddced628c7764d79c5b32feac05630b54f2a66479191ae6e8
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de70d9a8e68e5d4b3dcfe378e1db643caae5fd218b7d4e994d0c0df7bff676f1
df257eaec0f23bcfc1dc8e1685e425710c0bbe302ddbd6669318699faf045fe9
e08cc0db8b2a31529e8fd60ec62e764701c2ff86312fa50d292028a6205c3e71
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44458c2c9acea446178d73575b53255ee7ba669c33cb20cfea94b90908f921d
e497791a0a245b8c47e70f12f48285ee51a46e9411ee5fd1609bf4f2ccfd308e
e525fb1ab3af924d18be95f9d2da5baca2a8761b66aa8e8ecebf65e0d24a77a9
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10
e9edf30657ad8be0acaf0cef0aa4be64d47c3290a2f3d70077ba738b784f5305
edae14b2f971693076ca3f63df3e728ff340ea6f5424dc9235f9e89c1c89b61c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f832a3f9fb50dfb245accbfe1f55d83f4330332a2a1b1640888d253398b95bb9
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f
fea79d71201fbd2f32c8f165dc7755838e4269f4eb72a29ac229e5b506bad0f5
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffc44bd6bf62008f7c6980b013a7667d22f4135c8ffe28236817a327d89e57a1

journalrecord.com Open in urlscan Pro 18.155.145.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

272 Requests

94 %HTTPS

54 %IPv6

36 Domains

62 Subdomains

52 IPs

4 Countries

4272 kBTransfer

11498 kBSize

34 Cookies

25 Outgoing links

Page URL History

Redirected requests

272 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

journalrecord.com Open in urlscan Pro
18.155.145.111 Public Scan

Screenshot
Live screenshot

Full Image

272
Requests

94 %
HTTPS

54 %
IPv6

36
Domains

62
Subdomains

52
IPs

4
Countries

4272 kB
Transfer

11498 kB
Size

34
Cookies

272 HTTP transactions
9 data transactions