www.westernjournal.com Open in urlscan Pro
2606:4700:10::6816:264b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://w-j.co/s/00956
Effective URL:
https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source...
Submission: On November 03 via api (November 3rd 2021, 8:30:44 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 38 domains to perform 127 HTTP transactions. The main IP is 2606:4700:10::6816:264b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.westernjournal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.

This is the only time www.westernjournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:357d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:10:... 2606:4700:10::6816:264b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:5e00:d:99dd:3480:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:1000:14:248f:8500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.58 18.66.97.58	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:5000:11:2a6a:9480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:ea00:3:f9b0:4040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:38ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	35.201.96.133 35.201.96.133	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:ce00:16:f82a:8600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:9400:9:dc53:cc00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
1 6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
9	3.130.74.217 3.130.74.217	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.106 13.35.253.106	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	52.218.229.208 52.218.229.208	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.99.94 13.32.99.94	16509 (AMAZON-02) (AMAZON-02)
1	54.68.102.112 54.68.102.112	16509 (AMAZON-02) (AMAZON-02)
5	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:4e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
16	13.32.22.17 13.32.22.17	16509 (AMAZON-02) (AMAZON-02)
2	13.35.253.90 13.35.253.90	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:3c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2014	15169 (GOOGLE) (GOOGLE)
1	141.95.3.9 141.95.3.9	16276 (OVH) (OVH)
1	34.249.68.36 34.249.68.36	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
127	45

1 2606:4700:3031::6815:357d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w-j.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6816:264b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.westernjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:5e00:d:99dd:3480:21 (United States)

ASN16509 (AMAZON-02, US)

d3l320urli0p1u.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:1000:14:248f:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)

run.crtx.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.58 (United States)

ASN16509 (AMAZON-02, US)

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:5000:11:2a6a:9480:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:ea00:3:f9b0:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ccpa-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:38ae (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com

partplanes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:ce00:16:f82a:8600:93a1 (United States)

ASN16509 (AMAZON-02, US)

gdpr.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9400:9:dc53:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)

ccpa.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.130.74.217 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-74-217.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-106.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.229.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-94.fra60.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.102.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-102-112.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.32.22.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-17.fra56.r.cloudfront.net

cmp-consent-tool.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-90.fra6.r.cloudfront.net

dau-prod.launch.liveramp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

liftable-bq-streamer.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.68.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	privacymanager.io gdpr-wrapper.privacymanager.io ccpa-wrapper.privacymanager.io gdpr.privacymanager.io ccpa.privacymanager.io geo.privacymanager.io cmp-consent-tool.privacymanager.io	568 KB
26	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com ins.connatix.com vid.connatix.com img.connatix.com	290 KB
16	westernjournal.com 1 redirects www.westernjournal.com	356 KB
6	facebook.com www.facebook.com	782 B
5	googlesyndication.com pagead2.googlesyndication.com	1 KB
4	googleapis.com imasdk.googleapis.com	693 KB
4	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	144 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
3	facebook.net connect.facebook.net	201 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	liveramp.com dau-prod.launch.liveramp.com	469 B
2	jeeng.com users.api.jeeng.com	119 KB
2	clean.gg i.clean.gg	104 B
1	adsrvr.org match.adsrvr.org	549 B
1	crwdcntrl.net id.crwdcntrl.net	911 B
1	id5-sync.com id5-sync.com	540 B
1	appspot.com liftable-bq-streamer.appspot.com	272 B
1	nr-data.net bam-cell.nr-data.net	715 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	2mdn.net s0.2mdn.net	17 KB
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	google.de www.google.de	501 B
1	google.com www.google.com	501 B
1	quantcount.com rules.quantcount.com	1 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	552 B
1	amazonaws.com s3-us-west-2.amazonaws.com
1	quantserve.com secure.quantserve.com	10 KB
1	rlcdn.com ats.rlcdn.com	61 KB
1	partplanes.com partplanes.com	30 KB
1	contextweb.com bh.contextweb.com	406 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	pubmatic.com ads.pubmatic.com	54 KB
1	googletagmanager.com www.googletagmanager.com	46 KB
1	crtx.info run.crtx.info	104 KB
1	net. d3l320urli0p1u.cloudfront.net.	38 KB
1	w-j.co 1 redirects w-j.co	746 B
127	38

	Domain	Requested by
16	cmp-consent-tool.privacymanager.io	d3l320urli0p1u.cloudfront.net. cmp-consent-tool.privacymanager.io
16	www.westernjournal.com	1 redirects www.westernjournal.com
11	ins.connatix.com	cd.connatix.com
9	capi.connatix.com	www.westernjournal.com cd.connatix.com
6	www.facebook.com	www.westernjournal.com
5	pagead2.googlesyndication.com	imasdk.googleapis.com
5	geo.privacymanager.io	www.westernjournal.com
4	imasdk.googleapis.com	www.westernjournal.com d3l320urli0p1u.cloudfront.net.
3	securepubads.g.doubleclick.net	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	connect.facebook.net	d3l320urli0p1u.cloudfront.net.
3	www.google-analytics.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	sb.scorecardresearch.com	1 redirects d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	gdpr-wrapper.privacymanager.io	www.westernjournal.com
2	img.connatix.com	www.westernjournal.com
2	dau-prod.launch.liveramp.com	www.westernjournal.com
2	mug.criteo.com	www.westernjournal.com
2	gum.criteo.com	1 redirects
2	cds.connatix.com	www.westernjournal.com d3l320urli0p1u.cloudfront.net.
2	gdpr.privacymanager.io	d3l320urli0p1u.cloudfront.net. cmp-consent-tool.privacymanager.io
2	users.api.jeeng.com	www.westernjournal.com
2	i.clean.gg	www.westernjournal.com
1	match.adsrvr.org	www.westernjournal.com
1	id.crwdcntrl.net	www.westernjournal.com
1	id5-sync.com	www.westernjournal.com
1	liftable-bq-streamer.appspot.com	www.westernjournal.com
1	bam-cell.nr-data.net	d3l320urli0p1u.cloudfront.net.
1	js-agent.newrelic.com	d3l320urli0p1u.cloudfront.net.
1	s0.2mdn.net	www.westernjournal.com
1	vid.connatix.com	cd.connatix.com
1	static.adsafeprotected.com	www.westernjournal.com
1	www.google.de	www.westernjournal.com
1	www.google.com	www.westernjournal.com
1	stats.g.doubleclick.net	www.westernjournal.com
1	rules.quantcount.com	d3l320urli0p1u.cloudfront.net.
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.westernjournal.com
1	certify.alexametrics.com	www.westernjournal.com
1	s3-us-west-2.amazonaws.com	d3l320urli0p1u.cloudfront.net.
1	secure.quantserve.com	d3l320urli0p1u.cloudfront.net.
1	ats.rlcdn.com	d3l320urli0p1u.cloudfront.net.
1	cd.connatix.com	1 redirects
1	ccpa.privacymanager.io	d3l320urli0p1u.cloudfront.net.
1	partplanes.com	d3l320urli0p1u.cloudfront.net.
1	bh.contextweb.com	www.westernjournal.com
1	ccpa-wrapper.privacymanager.io	www.westernjournal.com
1	d31qbv1cthcecs.cloudfront.net	d3l320urli0p1u.cloudfront.net.
1	ads.pubmatic.com	d3l320urli0p1u.cloudfront.net.
1	www.googletagmanager.com	d3l320urli0p1u.cloudfront.net.
1	run.crtx.info	www.westernjournal.com
1	d3l320urli0p1u.cloudfront.net.	www.westernjournal.com
1	w-j.co	1 redirects
127	50

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.crtx.info Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
partplanes.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-13` - `2021-11-11`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.launch.liveramp.com Amazon	`2021-09-16` - `2022-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.appspot.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Frame ID: 4C54810598CDCA68632D8D8AF1E6C37E
Requests: 70 HTTP requests in this frame

Frame: https://cds.connatix.com/p/136274/connatix.player.dc.js
Frame ID: D2BF7AFF2BBD2FFA7DF3AF043E2A5C8F
Requests: 23 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: 82DE454809FC80A13EC514AD21FB0142
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: 44B54FC47AFD739E3C51CC7FDDD09F20
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: 4D424351F1C938A4A1023FFAEB1B103F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: 7A1BE0F4025EFAD3D467A068E693593D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1B1529F1943A50C3740B7EDE7DFE5A50
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DCFCAC5401A81580FDC7321516DDAED4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://w-j.co/s/00956 HTTP 301
https://www.westernjournal.com/s/00956 HTTP 301
https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-averag... Page URL

Page Statistics

127
Requests

98 %
HTTPS

52 %
IPv6

38
Domains

50
Subdomains

45
IPs

5
Countries

2777 kB
Transfer

8616 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://w-j.co/s/00956 HTTP 301
https://www.westernjournal.com/s/00956 HTTP 301
https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/136274/connatix.player.dc.js

Request Chain 36

https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1635971439605&ns_c=UTF-8&cv=3.5&c8=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&c7=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1635971439605&ns_c=UTF-8&cv=3.5&c8=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&c7=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&c9=

Request Chain 46

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=A5kGQHxhS2RKL3l3N3lKckRUZVBOYk5vemJhV2RZMGE3blFyMldwMWNYcE4rZVIxZEVNbWVscy9SL2tHRi96bUNpNEdvS3JXYVFkNFlsMHBtSUxQNUxNdm5hcmtIcFdUN1JjSUFvZGtjSEMxMStDS1U2WVRKdmNpN1NRK2xCbWdyU0Mra1BlODZsMDZDZEpzanZWbmxXZGZoa0tURkh4QVRJN05JQWI4R1JsbWQxeFpLSllGNHRvWWMvL3NBNnRjUVJqU0orQ2U4YkRhdEVPaitES3huYlg3V0FpVHpnNnhlYzBMMnZWZEhZZ2V3K0F6aW5jSFlDS1krWXY3QjViY0V2NXZwfA&cppv=2

127 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/
Redirect Chain

http://w-j.co/s/00956
https://www.westernjournal.com/s/00956
https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_c...

180 KB
37 KB

1537ms
1537ms

Document
text/html

2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab3d63bd1c40f20c8494d0577135b606e100598a9c6fcdee8ab901e3faf040f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-type: text/html; charset=UTF-8
link: <https://www.westernjournal.com/wp-json/>; rel="https://api.w.org/" <https://www.westernjournal.com/wp-json/wp/v2/posts/2797583>; rel="alternate"; type="application/json" <https://www.westernjournal.com/?p=2797583>; rel=shortlink
cache-control: max-age=1800
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 20:30:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 6a885c8dbf143742-MXP
content-encoding: br

Redirect headers

date: Wed, 03 Nov 2021 20:30:37 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=10800, must-revalidate
location: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 6a885c894b6a3742-MXP

GET
H2 200 script.js Show response
d3l320urli0p1u.cloudfront.net./ 116 KB
38 KB 51ms
10ms Script
application/javascript 2600:9000:225e:5e00:d:99dd:3480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3l320urli0p1u.cloudfront.net./script.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:5e00:d:99dd:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eab36dcdb53201a0aaa3e8b7f0435531daedae047716870379d3a2f919d5fa4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:23:12 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 15:18:08 GMT
server: AmazonS3
age: 452
etag: W/"5914691a0470a21ba17e4d000636203a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 0zG4ucEPn_oNug9_g-vljH2jm0poXFjnzpC4D_MsOwASnkhIcjxPtg==

GET
H2 200 classic-main.css
www.westernjournal.com/wp-content/themes/firefly/assets/css/ 59 KB
11 KB 60ms
60ms Stylesheet
text/css 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-content/themes/firefly/assets/css/classic-main.css?ver=2.0-1633541235

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e2a7e38c040ad7d58171a72bc708b0f59d8a088361827b65a867a922f76ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 17:27:15 GMT
server: cloudflare
age: 2850
etag: W/"615ddc73-eb4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6a885c9779dc3742-MXP
cf-bgj: minify

GET
H2 200 prebid.js Show response
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 296 KB
92 KB 48ms
48ms Script
application/javascript 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1633541239

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d312f39cbae5dd049cf3358304ea3ddf4fa6bb7cc1714041e406f0968e5e42e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 17:27:19 GMT
server: cloudflare
age: 2850
etag: W/"615ddc77-49ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6a885c97db2a3742-MXP

GET
H2 200 track.min.js Show response
run.crtx.info/ 103 KB
104 KB 93ms
11ms Script
application/javascript 2600:9000:223e:1000:14:248f:8500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://run.crtx.info/track.min.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:1000:14:248f:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:27:39 GMT
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
last-modified: Mon, 15 Feb 2021 22:14:47 GMT
server: AmazonS3
age: 68581
etag: "f88a765c6ea3dacc55ca6ed581e54f1f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 105945
x-amz-cf-id: -RqlG41luMVal9qGFNV-Eez8Rj43YGK2hCOfljKnIorTB4lsYRVQPg==

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 118ms
92ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Wed, 03 Nov 2021 20:30:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 93ms
93ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
46 KB 40ms
15ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9c97a35c04beab40881c115d62f741d4571399d3f30971240612f302e1969aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47070
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Nov 2021 20:30:39 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158410/3599/ 167 KB
54 KB 153ms
20ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 19:39:57 GMT
server: Apache/2.2.15 (CentOS)
etag: "1421c11-29a3b-5cd3b9c953a17"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=31933
accept-ranges: bytes
content-type: text/javascript
content-length: 54751
expires: Thu, 04 Nov 2021 05:22:52 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 141ms
9ms Script
application/javascript 18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 16424593
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: O7o9_COT-D7xDwihgxNxh9yagfKtUpkUPpHO22VOd6V2G08LyVV1EQ==

GET
H2 200 gdpr-liveramp.js Show response
gdpr-wrapper.privacymanager.io/gdpr/dba0188c-62e9-4cc8-a029-b241ff7264ab/ 423 KB
112 KB 54ms
8ms Script
text/javascript 2600:9000:20eb:5000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/dba0188c-62e9-4cc8-a029-b241ff7264ab/gdpr-liveramp.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa88a95f6cbb11497a787b194bf01e36550fa8a42ecf5c86c447ae522b0386ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 17:12:26 GMT
content-encoding: gzip
age: 11894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="gdpr-liveramp.js"
last-modified: Thu, 12 Aug 2021 22:58:01 GMT
server: AmazonS3
etag: W/"8d383e16ed97c498ae491675b9df7f54"
vary: Accept-Encoding
x-amz-version-id: 6pfB.VUs5.pszAcw_liARP3I.VDIa92X
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: text/javascript
x-amz-cf-id: 58JXixwKU1R123iDgI-C-ugRae5GbgmCbV1PW5U1xUuH0YuCN64sDw==

GET
H2 200 ccpa-liveramp.js Show response
ccpa-wrapper.privacymanager.io/ccpa/809e35f1-c427-4a9d-a838-a173c07a727f/ 18 KB
6 KB 37ms
8ms Script
text/javascript 2600:9000:223f:ea00:3:f9b0:4040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa-wrapper.privacymanager.io/ccpa/809e35f1-c427-4a9d-a838-a173c07a727f/ccpa-liveramp.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ea00:3:f9b0:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 544d7e6d1f0653a4aa059115da7c59f7addea756edfabda64f052409d900ad18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: y5SIvNHAHg8gayj0yRwOoHYRnT2P_jlY
content-encoding: gzip
etag: W/"171d6ad996127f481b09c7bc0b767695"
last-modified: Tue, 04 May 2021 22:33:55 GMT
server: AmazonS3
age: 51397
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
date: Wed, 03 Nov 2021 06:16:15 GMT
content-disposition: attachment; filename="ccpa-liveramp.js"
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: AsfkpQIiRrMdeFxtfRDingPeBeMyKms_LPeCe-IpCXBvBJjfd2so5w==

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/VAM4nzne41/sdk/ 355 KB
118 KB 186ms
54ms Script
text/javascript 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/VAM4nzne41/sdk/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f78a52b4b1a695437f387c51cad167ec00698ef54f395bca35be6646a87c6a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2079
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
server: cloudflare
etag: W/"58ba6-iwc/laMPuLkLQbMfNWTz4JQtr+4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 c60d08323363c4861c206b74cb68eeb1.cloudfront.net (CloudFront)
x-cloud-trace-context: 88615a9754c18dbda71a5cb21060a89d
cache-control: max-age=3600
x-amz-cf-pop: MXP64-C1
cf-ray: 6a885c9989e959e3-MXP
x-amz-cf-id: vUGiiUrAK7QcrBCp5y0QfbS7QnO0FOP4XHyGIhU8D2xiPgGCh0LXuw==

GET
H2 200 white-wj2.png
www.westernjournal.com/wp-content/uploads/2021/05/ 2 KB
2 KB 86ms
84ms Image
image/webp 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/05/white-wj2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b172a835742a6505e994ff7794d27687181186ae8e2cda21d07236a96886abce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept
cf-cache-status: HIT
age: 761249
cf-polished: origFmt=png, origSize=3318
content-disposition: inline; filename="white-wj2.webp"
content-length: 1786
last-modified: Thu, 06 May 2021 21:31:52 GMT
server: cloudflare
etag: "60946048-cf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98adce3742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 blue-wj.png
www.westernjournal.com/wp-content/uploads/2021/05/ 12 KB
12 KB 473ms
471ms Image
image/png 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/05/blue-wj.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02156e4992e388eb6c2564b13c90fb8c42b6c708718bba11e2fdd07b394a284a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
cf-cache-status: MISS
last-modified: Thu, 06 May 2021 21:13:06 GMT
server: cloudflare
etag: "60945be2-30a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a885c98add23742-MXP
content-length: 12454

GET
H2 200 unnamed-e1610580338765-150x150.jpg
www.westernjournal.com/wp-content/uploads/2021/01/ 9 KB
9 KB 39ms
38ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/01/unnamed-e1610580338765-150x150.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa25672892696b8b2a82c086ed4c4df1d2c0f6bed268af7686f079fc78604c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 84861
cf-polished: origSize=9385, status=webp_bigger
content-length: 9178
last-modified: Wed, 13 Jan 2021 23:25:38 GMT
server: cloudflare
etag: "5fff8172-24a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98add43742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 set.aspx
bh.contextweb.com/bh/ 49 B
406 B 374ms
99ms Image
image/gif 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: de-DE
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-5777456b74-jhbhm
expires: -1

GET
H2 200 global-min.js Show response
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 97 KB
34 KB 43ms
41ms Script
application/javascript 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1634667668

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631e81faab0833f9d7f2a29efd36dbf8d105f78490c4a16c8b350d3f1003a1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 18:21:08 GMT
server: cloudflare
age: 2850
etag: W/"616f0c94-1843a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6a885c98add53742-MXP

GET
H2 200 wp-embed.min.js Show response
www.westernjournal.com/wp-includes/js/ 1 KB
804 B 47ms
47ms Script
application/javascript 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-includes/js/wp-embed.min.js?ver=5.8.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 22:40:03 GMT
server: cloudflare
age: 2850
etag: W/"601b2643-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6a885c985cfb3742-MXP

GET
H2 200 v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM Show response
partplanes.com/ 103 KB
30 KB 534ms
403ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partplanes.com/v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

538674ed65eb7a1302cb99744aacdc370afead6d7322911060b5a99bf057092b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "e1a3b35cfab0ecfe4a7419380f802aa487489c7f4803991715fa4de6a5319cb5"
vary: Accept-Encoding, Accept-Language
x-hostname: 94ecd830
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Wed, 03 Nov 2021 20:30:39 GMT
timing-allow-origin: *

GET
H2 200 gdpr.bundle.js Show response
gdpr.privacymanager.io/1/ 181 KB
52 KB 140ms
11ms Script
application/x-javascript 2600:9000:206f:ce00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr.privacymanager.io/1/gdpr.bundle.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ce00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ebb1bc4ec5c51433f97e04b537b06aa15c49e8172a13b9eecdd4aa2774cdcd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: fh15Qi71pM2mS3R5TuKK0eYi9rMBAY0r
content-encoding: gzip
etag: W/"988eb19ae59fa41b4245157ce5481cd3"
age: 1977
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:437ed990-bd6b-47c5-adc6-6d80a4ee1c7e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 37409f7866bea926a55d87a284a235c4
last-modified: Wed, 03 Nov 2021 16:57:02 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 19:57:43 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 48e020a6ce61e58f6559bfec4249aa4de5d541f99d5928245d89182dc9fb3fe7
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA56-C1
content-type: application/x-javascript
x-amz-cf-id: klP3KY_ErAGb3Egk1vZ5ATzzfvGGMd00lp33Icnrm0iF03wPZtBtGQ==

GET
H2 200 ccpa.bundle.js Show response
ccpa.privacymanager.io/1/ 131 KB
41 KB 148ms
16ms Script
application/x-javascript 2600:9000:20eb:9400:9:dc53:cc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ccpa.privacymanager.io/1/ccpa.bundle.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:9:dc53:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6175d081940061cb96a2e8c9c90887b6f603361fe584bb053761581a36cb908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 01:06:10 GMT
content-encoding: gzip
age: 69870
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/CCPALibrary-prod:46c6104d-5029-4a06-9bda-711aa86be3ae
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: a2a26abd99ea9a1ebddb8c009cd81e5bff17815d45c26446b64aca5dc5979113
x-amz-meta-codebuild-content-md5: 499307154e38f71b0f0300655c2d69c9
last-modified: Tue, 24 Aug 2021 14:44:31 GMT
server: AmazonS3
etag: W/"7f5aef4d639402ac1025ddfa0b62c5d8"
vary: Accept-Encoding
x-amz-version-id: 8HWNV_AKk_uKnSTpTE_TmylAxm1bud7D
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/x-javascript
x-amz-cf-id: fa_tlZ2LlZsZtvbfDcAn0mT31QK0nlUOvkPtWyrEF17iZFAlpD3kng==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 137ms
12ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 02:25:29 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 65111
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: vMAot3LaZ5YXLjwL8nQ5aWvwxvY_1ap8y0CqkUMkPenkiJJ2YdneKA==

GET
H2 200 NJ-Governors-race-1-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 25 KB
26 KB 52ms
51ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/NJ-Governors-race-1-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11adf0302a66b3a7f8b3a4610ae0ac7f224eb48ac0fa8b0515e9c7627b499682

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7718
cf-polished: origSize=30295, status=webp_bigger
content-length: 25917
last-modified: Wed, 03 Nov 2021 18:15:00 GMT
server: cloudflare
etag: "6182d1a4-7657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98be023742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Durr-v-Sweeney-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 25 KB
25 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/Durr-v-Sweeney-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

919294694492f871a8e1e17d97ea506ce8cd44313dedafde5e1d5bbb92002065

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3233
cf-polished: origSize=29188, status=webp_bigger
content-length: 25143
last-modified: Wed, 03 Nov 2021 18:15:42 GMT
server: cloudflare
etag: "6182d1ce-7204"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98be053742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-design-2021-11-03T101301.285-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 17 KB
17 KB 55ms
54ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/Untitled-design-2021-11-03T101301.285-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf21f2d5f174078bbe6148701d820117f3f71540b7c33090042215fc824998d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20548
cf-polished: origSize=21143, status=webp_bigger
content-length: 17120
last-modified: Wed, 03 Nov 2021 14:13:28 GMT
server: cloudflare
etag: "61829908-5297"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98be063742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Biden-Gaffe-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 20 KB
20 KB 49ms
49ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/Biden-Gaffe-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ed7053559dceb87cab30280e4388cf23c4fa6e07190e122972c8335585a995

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 71591
cf-polished: origSize=24094, status=webp_bigger
content-length: 20105
last-modified: Tue, 02 Nov 2021 23:52:23 GMT
server: cloudflare
etag: "6181cf37-5e1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98be083742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 airplane-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 17 KB
18 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/airplane-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

237f27a6be236da638bfa1123e21a61f9345f9560a607439febe46acbe69eacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 71592
cf-polished: origSize=21865, status=webp_bigger
content-length: 17754
last-modified: Tue, 02 Nov 2021 23:54:16 GMT
server: cloudflare
etag: "6181cfa8-5569"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98be0c3742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Goldberg-Tafoya-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 21 KB
21 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/Goldberg-Tafoya-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dc397213be9bbfab02f6775ba8a0ef2400361ef02b300398bd3908bd2ce2266

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 80695
cf-polished: origSize=25493, status=webp_bigger
content-length: 21567
last-modified: Tue, 02 Nov 2021 20:53:27 GMT
server: cloudflare
etag: "6181a547-6395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a885c98be0d3742-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Jack-Ciattarelli-and-Phil-Sweeney-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/11/ 31 KB
31 KB 577ms
576ms Image
image/jpeg 2606:4700:10::6816:264b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/11/Jack-Ciattarelli-and-Phil-Sweeney-559x327.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:264b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fca2580d9cfefa990302c8360bf9e9bf970ffa2f0d95837891928507a17a7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 19:34:23 GMT
server: cloudflare
etag: "6182e43f-7c06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 6a885c98be183742-MXP
content-length: 31750

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/136274/ Frame D2BF
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/136274/connatix.player.dc.js

1 MB
227 KB

36ms
17ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/136274/connatix.player.dc.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 991a4fbc66954719a21a0aee735ded6f7b97bca49c32d275ab23b3289339a485

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
last-modified: Wed, 03 Nov 2021 17:43:19 GMT
age: 9474
etag: "6b811be0d9e9c19bba29ce73ec80d64f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 232029

Redirect headers

location: https://cds.connatix.com/p/136274/connatix.player.dc.js
date: Wed, 03 Nov 2021 20:30:39 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0

GET
H/1.1 200
OK si
capi.connatix.com/tr/ 0
139 B 458ms
110ms Image
text/plain 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=1eba740d-7077-438a-9d6f-8a848d60672b
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 20:30:39 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
61 KB 38ms
7ms Script
application/x-javascript 13.35.253.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-106.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: aNI79gymn36SdL1OCQ9XQoRn1j6ap8oY
content-encoding: gzip
etag: W/"319188f4e162198ee578ba6e65904ead"
age: 62381
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:f3f3bcb1-d653-4795-a242-0bc52f20e334
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 99ea7c9ae879eabed07b623c4b48c3a2
last-modified: Tue, 26 Oct 2021 10:28:36 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 03:12:35 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 7fac56bbf391534ba4d108d9d1c5ede96a619703863f7695a7d7c98a8fea4662
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: 56U155JN-1szpdMnjiLGKKdp4NpCVypKoEe6ZGZblfDKvLptLfWr_A==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 48ms
11ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1e823139c936c952f54399a49096579a951e55baab2d0949e2f307163aac68a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: gzip
etag: "A9gdT3Vacr8A76JEThCwlA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 10 Nov 2021 20:30:39 GMT

GET
H/1.1 403
Forbidden getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/ 0
0 729ms
185ms Script
application/xml 52.218.229.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.229.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 1773
date: Wed, 03 Nov 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 03 Nov 2021 22:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: pMS2gy28S8qDUC50z2Cl3tS66dmJtNYjx67HMye/rrnlmF5pq/I3NQv5u+Z3gp1ctWEqptP1SpEoW3yhQztMVw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Nov 2021 20:30:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1635971439605&ns_c=UTF-8&cv=3.5&c8=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blo...
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1635971439605&ns_c=UTF-8&cv=3.5&c8=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Bl...

64 B
329 B

13ms
12ms

Image
image/gif

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1635971439605&ns_c=UTF-8&cv=3.5&c8=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&c7=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&c9=
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: -P_VlJvnrGIEkQuYgWgcIWpiR2Fafk1cpOtUkDGvpQde1NEyTvKBzg==

Redirect headers

date: Wed, 03 Nov 2021 20:30:39 GMT
via: 1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1635971439605&ns_c=UTF-8&cv=3.5&c8=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&c7=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&c9=
content-length: 504
x-amz-cf-id: c7WQHPeZMQiHXi-ut1alik3FPtS4wu6DzKy3iK2cWswq_VYb3mx9Lg==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 35ms
7ms Image
image/gif 13.32.99.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&time=1635971439606&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&random_number=9794851917&sess_cookie=3449d4eb17ce77f1bf54e5dc114&sess_cookie_flag=1&user_cookie=3449d4eb17ce77f1bf54e5dc114&user_cookie_flag=1&dynamic=true&domain=westernjournal.com&account=C1z2k1acFH002c&jsv=20130128&user_lang=en-US
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-94.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 05:06:51 GMT
Via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 55428
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA60-P3
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 6WO-S1do-qFc8vTlyvnCu5KwO1thOtw_5JkXDuQnUCo_DFIhaFlVgA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 621ms
175ms Image
text/plain 54.68.102.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.102.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-102-112.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
server: Server

OPTIONS
H2 200 vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/dba0188c-62e9-4cc8-a029-b241ff7264ab/ Frame 0
0 29ms
10ms Preflight 2600:9000:20eb:5000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/dba0188c-62e9-4cc8-a029-b241ff7264ab/vendor-list.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Wed, 03 Nov 2021 17:12:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: TqDgZLRi-xgHiUSWuoQlV6AFySwEVvzFnlnRItU5PMO9Tpy6E8Qb7Q==
age: 11893

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 68ms
37ms Preflight
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 03 Nov 2021 20:30:39 GMT
x-amzn-requestid: 04a05118-f782-4a19-96d4-352bf206b614
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: IPqpeFHaDoEFoAw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-cache: Miss from cloudfront
x-amz-cf-id: QQAxewlhzsozFPcWCjbXclCIv67Sf39Aei69MH0gZN5UglT-GaQQog==

GET
H2 200 vendor-list.json Show response
gdpr-wrapper.privacymanager.io/gdpr/dba0188c-62e9-4cc8-a029-b241ff7264ab/ 28 KB
6 KB 17ms
17ms Fetch
application/json 2600:9000:20eb:5000:11:2a6a:9480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdpr-wrapper.privacymanager.io/gdpr/dba0188c-62e9-4cc8-a029-b241ff7264ab/vendor-list.json
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c225459d5137e0b81e86c847dba4fdce6e3435e689ba726201e21fd7d2d0c7df

Request headers

Accept: application/json
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: RxW01JoYYSGHtHUWt0QBEx2N6pApCHuL
content-encoding: gzip
etag: W/"3423b42f7406afd75bca52bb2430fa09"
age: 1074
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 17:10:24 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 20:14:07 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: jaAHt440jr25H-0HsUyPq7e3aaMD6TYvZnKa4w8cVsgnOboOemfHoA==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 7ms
7ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept: application/json
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Nov 2021 07:27:58 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
age: 46961
x-amzn-requestid: 7e435d60-e71c-41d0-8dff-37c677b297a7
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-618239fe-41c686841cfbc0a7406cfa87;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: IN3_xGU7DoEFXeQ=
content-length: 30
x-amz-cf-id: dmECvhY-39veA0--TZH_zaN9PwTv4JY8pLzmSrL5xe__KegK7YHE4g==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 8ms
8ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept: application/json
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Nov 2021 07:27:58 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
age: 46961
x-amzn-requestid: 7e435d60-e71c-41d0-8dff-37c677b297a7
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-618239fe-41c686841cfbc0a7406cfa87;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: IN3_xGU7DoEFXeQ=
content-length: 30
x-amz-cf-id: nD6Cb2BjBquQtQvsiRlsUNEiwOrSXfN4qiL7OPr8g0GuNp-C7qoyEQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 78ms
78ms Preflight
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 03 Nov 2021 20:30:39 GMT
x-amzn-requestid: a604d034-8ff5-4c9e-9794-6a7210f9269b
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: IPqpfHnFjoEFVQA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via: 1.1 f3e00d74aa4544d776f78a159416d17b.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-cache: Miss from cloudfront
x-amz-cf-id: fQoJu2Paakox9MDVybu7gt5qU_TK9Wo4XGzm03pK2YkIYKLqI43-yw==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 53ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1898
date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=A5kGQHxhS2RKL3l3N3lKckRUZVBOYk5vemJhV2RZMGE3blFyMldwMWNYcE4rZVIxZEVNbWVscy9SL2tHRi96bUNpNEdvS3JXYVFkNFlsMHBtSUxQNUxNdm5hcmtIcFdUN1JjSUFvZGtjSEMxMStDS1U2WVRKdmNpN1NRK2...

350 B
611 B

50ms
20ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=A5kGQHxhS2RKL3l3N3lKckRUZVBOYk5vemJhV2RZMGE3blFyMldwMWNYcE4rZVIxZEVNbWVscy9SL2tHRi96bUNpNEdvS3JXYVFkNFlsMHBtSUxQNUxNdm5hcmtIcFdUN1JjSUFvZGtjSEMxMStDS1U2WVRKdmNpN1NRK2xCbWdyU0Mra1BlODZsMDZDZEpzanZWbmxXZGZoa0tURkh4QVRJN05JQWI4R1JsbWQxeFpLSllGNHRvWWMvL3NBNnRjUVJqU0orQ2U4YkRhdEVPaitES3huYlg3V0FpVHpnNnhlYzBMMnZWZEhZZ2V3K0F6aW5jSFlDS1krWXY3QjViY0V2NXZwfA&cppv=2

Requested by

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5d2fd6f93dd3564552e80f25e47b48452c8e33922b66297a0cffb358c9e49583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 03 Nov 2021 20:30:38 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2638
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 03 Nov 2021 20:30:39 GMT
location: https://mug.criteo.com/sid?cpp=A5kGQHxhS2RKL3l3N3lKckRUZVBOYk5vemJhV2RZMGE3blFyMldwMWNYcE4rZVIxZEVNbWVscy9SL2tHRi96bUNpNEdvS3JXYVFkNFlsMHBtSUxQNUxNdm5hcmtIcFdUN1JjSUFvZGtjSEMxMStDS1U2WVRKdmNpN1NRK2xCbWdyU0Mra1BlODZsMDZDZEpzanZWbmxXZGZoa0tURkh4QVRJN05JQWI4R1JsbWQxeFpLSllGNHRvWWMvL3NBNnRjUVJqU0orQ2U4YkRhdEVPaitES3huYlg3V0FpVHpnNnhlYzBMMnZWZEhZZ2V3K0F6aW5jSFlDS1krWXY3QjViY0V2NXZwfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1798
content-length: 509
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 8ms
7ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:27:58 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb9.cloudfront.net (CloudFront), 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
age: 46961
x-amzn-requestid: 7e435d60-e71c-41d0-8dff-37c677b297a7
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-618239fe-41c686841cfbc0a7406cfa87;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: IN3_xGU7DoEFXeQ=
content-length: 30
x-amz-cf-id: 7DD2JJC9cOgom6SAE-KB28ZKUMliTXoHKjczdSp9Q2cVFcLU7AZneg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 rules-p-s4EjFfr0LYkYa.js Show response
rules.quantcount.com/ 2 KB
1 KB 38ms
9ms Script
application/javascript 2600:9000:223c:4e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-s4EjFfr0LYkYa.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e5a10a7a53c0aa1ca0704a20adc6a270eee733a747dfc82d7cbb65d06d9874e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:15:25 GMT
content-encoding: gzip
age: 918
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 08 Jun 2017 16:07:03 GMT
server: AmazonS3
etag: W/"cbf8d31ef5dbccfe9ad4d0f0304d3f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: lAEIucs6AJN1CRP8g38n4bP1q9-w89kGu_Jv_5CBNb0TM91bo5CNJQ==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 19:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Nov 2021 20:57:44 GMT

GET
H2 200 606809489393836 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/606809489393836?v=2.9.48&r=stable

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2852066f294480afc4323990aed02c36c6b5372e5942bc223075107c49430eac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89360
x-xss-protection: 0
pragma: public
x-fb-debug: tCfdKt47EiHEVzNCfOww/mG6jig5ncDorKgL7t54ECu8MGSCJSWa3Z4P6Q9xXKNvrdE4tvaRhXJyRLi19mbMDw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Nov 2021 20:30:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 entities Show response
users.api.jeeng.com/ 211 B
658 B 263ms
218ms XHR
application/json 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/entities?description_md5=a73b7b06da39a221643d6e5ceba91498&domain_id=VAM4nzne41&image_url_encoded_md5=6b628e917105c1f370eba7e7811b1118&image_url_md5=6b628e917105c1f370eba7e7811b1118&published_at_md5=e129b1f9ee0655860c2083791bfe1f55&read_only=false&sdk_version=4.8&title_md5=061e1e66b27549c004e7b8158cefef40&url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 98da4fcd9b4423e443ab0ca2804764875163e207aa50425a0d0d5c60bb7d3ddb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
via: 1.1 30d508255f72fdd1189d1f581ac8dad9.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-encoding: gzip
server: cloudflare
etag: W/"d3-S8ArjAwybw9r7hEIh7YA77MsDCI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 375b774c940853d7e71e9d29686b6f9b
cache-control: max-age=8
cf-ray: 6a885c9b0e383758-MXP
x-amz-cf-id: T3QMWpz7Te6OuIAZnoJ50C8ZtAjxcWnvyQkSFD-DrKPn5mCrY8snmQ==

GET
H2 200 index.html Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 1 KB
1 KB 44ms
8ms Document
text/html 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

content-type: text/html
date: Wed, 03 Nov 2021 16:57:46 GMT
last-modified: Wed, 03 Nov 2021 16:57:28 GMT
etag: W/"b8061b8850e21ea20dba03d10b1747ea"
x-amz-server-side-encryption: AES256
cache-control: must-revalidate,public,max-age=604800
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-version-id: geR9VcPto9ZrTyc8lR76LnYjF.84V0rk
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fWa8iSg4iIrwKdnOBFYHG5l2yY2jqu2eIQazIhVUZzOGcgbmkq5syg==
age: 12774

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 51ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2000
date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H2 200 records Show response
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ 110 B
469 B 122ms
122ms Fetch
application/json 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: /
Resource Hash: 7f1867f0b840d81e779313992bfe9c81b3159b12eea2a36370514f2ace3dec77

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 5ce59a5e-df19-4363-b736-50b0bb333d2d
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6182f170-5420dcd328cf755d2e85428d
x-amz-apigw-id: IPqpkF1ZoAMFicw=
content-length: 110
x-amz-cf-id: TtbchZKHIfooA3HFCzunDCu9q77xxKLL8hZPywrv64X2_wt9Lz4cHA==

OPTIONS
H2 200 records
dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/ Frame 0
0 328ms
283ms Preflight
application/json 13.35.253.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dau-prod.launch.liveramp.com/kinesis/streams/daily-active-users-prod/records
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-90.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 03 Nov 2021 20:30:40 GMT
x-amzn-requestid: 0f58d09b-6fff-4e43-948b-ae32b05be4f6
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: IPqpjGAQIAMFvRQ=
access-control-allow-methods: GET,OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: a7vTY7xwd-RPgxL0vesB1d-LSIVzSlr1xp6gPT9Xy2Q4I-rmh7sh3g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-54260989-7&cid=2085844180.1635971440&jid=2133587495&gjid=1155358770&_gid=644336953.1635971440&_u=aGBAiUAjBAAAAE~&z=1325147369

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Nov 2021 20:30:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 9ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=160701095&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&ul=en-us&de=UTF-8&dt=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjB~&jid=2133587495&gjid=1155358770&cid=2085844180.1635971440&tid=UA-54260989-7&_gid=644336953.1635971440&gtm=GarK3K9VP&cd1=http%3A%2F%2Fwww.westernjournal.com&cd2=Biden%20administration&cd3=700&cd4=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd5=gatkinson&cd6=Commentary&cd7=2021-11-01&cd10=jchester&cd11=jchester&cd12=dvankempen&cd14=Biden%20administration%2C%20big%20government%2C%20Coronavirus%2C%20freedom%2C%20health%2C%20Joe%20Biden%2C%20medical%2C%20US%20news%2C%20vaccine&cd15=Commentary&cd16=web&cd17=jchester&cd23=18&cd24=109&cd25=81&cd29=0&cd33=2021-11-03T20%3A30%3A39.590%2B00%3A00&cd34=1635971439590.wyrk868l&cd37=false&cd38=&cd39=&cd40=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd41=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd42=2797583&cd43=standard&cd44=104&cd45=109&cd46=false&cd47=above_article&z=1751262946

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 04:53:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56221
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player.css
cds.connatix.com/p/136274/ 53 KB
8 KB 23ms
23ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/136274/player.css
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 284da3d2b11c82b2f5624dd0fad62bdcbe3b67a2a8687b00ff04e30deb17fd30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
content-encoding: br
last-modified: Wed, 03 Nov 2021 17:43:20 GMT
age: 9475
etag: "e8ad8269886e013999d07e283560f314"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8279

GET
H2 200 1897937520432117 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 380ms
380ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1897937520432117?v=2.9.48&r=stable

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efd37808662afd01c4de0bd00e301a63a4d132a0a80dc775149ef18682548cb0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: P+46RqltcvAIlo5m+l5d6C837Nli43BGg97z12DODZbmZOhmt+W+z2nEWdiCKRn0jKwskete3Tkcoxwua7Ktkw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 03 Nov 2021 20:30:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 31ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606809489393836&ev=PageView&dl=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&rl=&if=false&ts=1635971439879&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635971439878.174920489&it=1635971439762&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 20:30:39 GMT

GET
H2 200 styles.css
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 95 KB
13 KB 15ms
14ms Stylesheet
text/css 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:47 GMT
content-encoding: gzip
age: 12773
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:22 GMT
server: AmazonS3
etag: W/"fc91ee31cf2e2dbba65546e19b425c59"
vary: Accept-Encoding
x-amz-version-id: Q4J0H.Ks_Ez3zjiL3qvVswHkoqdWlVFb
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: text/css
x-amz-cf-id: DrClWUMVWIE5X7NLI5PlBk-8feCJyEiXeh0Jx23WuzfIisazQjMaxQ==

GET
H2 200 openSans.css
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 26 KB
3 KB 15ms
14ms Stylesheet
text/css 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:48 GMT
content-encoding: gzip
age: 12772
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:23 GMT
server: AmazonS3
etag: W/"e0df7919fa5e82dca894ac73371effed"
vary: Accept-Encoding
x-amz-version-id: ZQgzbNvK6yBWlAg75RpLPiNPAEIwRUgT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: text/css
x-amz-cf-id: W0_TcpZREF5YhLYnarQXwfNjgyyd303w8MWby7wLuRkiFOj09LpGFA==

GET
H2 200 runtime.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 2 KB
2 KB 16ms
15ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:47 GMT
content-encoding: gzip
age: 12773
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:15 GMT
server: AmazonS3
etag: W/"5fe48064a68c5e51f208fb444eb5a84a"
vary: Accept-Encoding
x-amz-version-id: UeZBtinKnsk_T4VKY2hzDHEAqDdhih89
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: uiqDnKB4o0ssg29El7f-sdQPsk99zl8SpumqPE8e9OLd24wPcvZmsg==

GET
H2 200 polyfills.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 44 KB
15 KB 21ms
20ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/polyfills.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:48 GMT
content-encoding: gzip
age: 12772
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:42 GMT
server: AmazonS3
etag: W/"d40fc0a76f5b7cbdbb3f7a15f1038a44"
vary: Accept-Encoding
x-amz-version-id: byq7CzsrLWMJkf6nw34a2fGsc.tcUSLx
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: vAVbYuE46nVNJp0qmx5bq9Y2IesTsjxXQCkuFTqzAhSDm2pCDazBVw==

GET
H2 200 vendor.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 783 KB
200 KB 26ms
25ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/vendor.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
content-encoding: gzip
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:14 GMT
server: AmazonS3
etag: W/"83497fb39f19b4dfaaa958cf6d4558b1"
vary: Accept-Encoding
x-amz-version-id: 2j_.vXoPyvwDDb4ynLwNmpn66fYCZZ6Z
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: pjE8-z64oX7JQwWnW1mR585q8uZWUB_mHFVhX-GdkM5TTZ9uC2cu3g==

GET
H2 200 main.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 42 KB
10 KB 48ms
47ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 167982fa128d47a62bd03befe22b8adb08f6d0a1590601b325d3d1a14f7c309d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
content-encoding: gzip
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:21 GMT
server: AmazonS3
etag: W/"27781014aa851cefcddd28da172ef69d"
vary: Accept-Encoding
x-amz-version-id: jN5hOIa64QLEbrAviNEOkXaPZMDkA9Ad
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: O4KAO1L2jVskUkq_FBhzC0qVKfNc_XXPQHobsOyQEUh25rmBkcP0rQ==

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 0
6 KB 48ms
48ms Other
text/css 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
content-encoding: gzip
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:29 GMT
server: AmazonS3
etag: W/"ddb5e6d71b353c98624b1784c506f1ee"
vary: Accept-Encoding
x-amz-version-id: SRBN7EZifs4k4jHeuWovRjEVJuDKvXTo
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: text/css
x-amz-cf-id: BN_Qg0x5ipShSjCaJF7xmSsb6T1dmH4dLDVuoUlFRwzN2SabHn5rrA==

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame D2BF 6 KB
3 KB 189ms
134ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: b1c8e3f5cf04ecbc92a3832dcd4e21efdd0af7e6e57deabafa1a7474ee0ff359

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2557

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 80ms
40ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-54260989-7&cid=2085844180.1635971440&jid=2133587495&_u=aGBAiUAjBAAAAE~&z=415596070

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 20:30:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 83ms
42ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-54260989-7&cid=2085844180.1635971440&jid=2133587495&_u=aGBAiUAjBAAAAE~&z=415596070

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 20:30:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 59 KB
12 KB 9ms
9ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/1.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a19209483cd31f0227408730c75f1f372ea1218f347a7fe97db8a480d16081e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:47 GMT
content-encoding: gzip
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:40 GMT
server: AmazonS3
etag: W/"691cd2dc367f8dac19dff3b597dcae50"
vary: Accept-Encoding
x-amz-version-id: c2CjoMquWHxKbd9Io77kR9aVpVWnDc7a
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: g2Kliq1z8RfyTJqsrQXnuiMZAMkIFGPC-PINJf1rKFKcmPjt862BBg==

GET
H2 200 18.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 23 KB
6 KB 10ms
9ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/18.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd47e11f786a55e1999e5ad7ced555a79c2f1de7b39dac2d20a74d66c495b156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:47 GMT
content-encoding: gzip
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:10 GMT
server: AmazonS3
etag: W/"e20412686af89b1b72195fc74ade66b4"
vary: Accept-Encoding
x-amz-version-id: 537E_kzte8ZEh.oCgbB2I8LFusFRRwqm
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: uDP-MGhLJtu41Nn9X5GkQbFkieowKXQK3Ir9-CCViKjf-vWD85CupQ==

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 32ms
8ms Image
image/gif 2600:9000:223f:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
age: 7704966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: pfB0uFOXejoyaKE_AYtlk8WfVy2W0GOUZJY2J8ugDG-i0Lke-JXfOQ==

GET
H2 200 defaultTheme.css
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 34 KB
6 KB 9ms
9ms Stylesheet
text/css 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/defaultTheme.css
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36dc8627546125c2446359d123c1d11a8afbe6a5100862e2319217e335d985d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
content-encoding: gzip
age: 12775
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:29 GMT
server: AmazonS3
etag: W/"ddb5e6d71b353c98624b1784c506f1ee"
vary: Accept-Encoding
x-amz-version-id: SRBN7EZifs4k4jHeuWovRjEVJuDKvXTo
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: text/css
x-amz-cf-id: QP_hnyf1x_JJlVKqRlm0fY7qMwmF03jf-MQGeYLd6U1On5msMpDalA==

GET
H2 200 17.js Show response
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 123 KB
24 KB 10ms
10ms Script
application/x-javascript 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/17.js
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/runtime.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/latest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:47 GMT
content-encoding: gzip
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
last-modified: Wed, 03 Nov 2021 16:57:35 GMT
server: AmazonS3
etag: W/"ab5247f9ceb22da2bab708700b3ce763"
vary: Accept-Encoding
x-amz-version-id: Nzo752rSZ3N2JQ.VhnW83ULgjrUBYKz4
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=604800
x-amz-cf-pop: FRA56-C2
content-type: application/x-javascript
x-amz-cf-id: -mG_m2Fkdwiu_2qqdfKYVe-snjpva_PPu45RqeEaJVuguVc0Nhlggg==

GET
H2 200 open-sans-latin-400-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 14 KB
15 KB 10ms
10ms Font
application/octet-stream 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-400-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:47 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
age: 12774
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 14440
last-modified: Wed, 03 Nov 2021 16:57:37 GMT
server: AmazonS3
etag: "ff9d619b59f5cb3529b100448f398ac5"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: fN3xHdSbyOFYARUnS3mJ9dAAf51TGBqH
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: aTwcUMyzM_yU2JRULgaUoRC7Pdqw5asMS5emu810HJuprFmyzoBWqw==

GET
H2 200 insights.bin Show response
ins.connatix.com/83ccce1c-3192-440e-9ffd-a7b1928b1772/3/ Frame D2BF 128 B
234 B 55ms
8ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/83ccce1c-3192-440e-9ffd-a7b1928b1772/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ecb66ee7d0a07813a3941ee2d552a0296300cff39d532a3bbb880cc73b54a58a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 20:19:29 GMT
age: 173120
etag: "9596a72ee8d016d7cd7af0d0068b4065"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 132

GET
H2 200 insights.bin Show response
ins.connatix.com/5c8c1367-bc30-4340-b4bf-15d09408eda0/3/ Frame D2BF 128 B
446 B 54ms
8ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/5c8c1367-bc30-4340-b4bf-15d09408eda0/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ad5d8f9df7e3d9cd3ae22cc3c3a18cd4c696503e64d1522b4da2f067a5de45a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 18:39:41 GMT
age: 5156
etag: "95bbfb7b1ea6c71a26694937d5b69c05"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 128

GET
H2 200 insights.bin Show response
ins.connatix.com/eae4e478-4505-4419-8a58-dd5920312ae6/3/ Frame D2BF 164 B
235 B 55ms
9ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/eae4e478-4505-4419-8a58-dd5920312ae6/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d6a88b4879f212726948d4bc8ee7e99294dd40c860867434ad8ef58efe54bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 18:05:11 GMT
age: 8673
etag: "44e224767e1157bfdf43839f4bd13f0f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 144

GET
H2 200 insights.bin Show response
ins.connatix.com/cc40bca0-f657-48f6-b90f-c6b02a592864/3/ Frame D2BF 56 B
164 B 54ms
9ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/cc40bca0-f657-48f6-b90f-c6b02a592864/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d95ff64206b3fb70f21670d4a720a5dca8da45582a9119cae58eb4890b2a9026

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:52:01 GMT
age: 9450
etag: "ca0a1d42128a714dc649c47537ccfbb9"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 75

GET
H2 200 insights.bin Show response
ins.connatix.com/b408e303-d42e-40ad-932e-39818533ce81/3/ Frame D2BF 92 B
198 B 54ms
9ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/b408e303-d42e-40ad-932e-39818533ce81/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91436684033fa016a7c3ea504c82d6f08da8e730a4e49b6168d09f5917e708ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:49:37 GMT
age: 9608
etag: "26049724086c42ab285a093af713beba"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 108

GET
H2 200 insights.bin Show response
ins.connatix.com/4a305e0a-ecd2-4477-94eb-21ed8ef35dbd/3/ Frame D2BF 173 B
250 B 55ms
10ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/4a305e0a-ecd2-4477-94eb-21ed8ef35dbd/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 653a329eeb8e0d938b0d920d935de52191795f87f4c47540cbd70603520c0421

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:51:28 GMT
age: 9451
etag: "ad9f0e5ddb6627f0f9e60928f7a35d61"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 159

GET
H2 200 insights.bin Show response
ins.connatix.com/a159457c-63ca-4c52-9e5e-0f4d05e5e78c/3/ Frame D2BF 164 B
237 B 55ms
10ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/a159457c-63ca-4c52-9e5e-0f4d05e5e78c/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 86705425f39b4c2938110f21465ed4c4ece1a80b858283d4c5d9a7dd124977a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:36:58 GMT
age: 10114
etag: "d0f7ce75a15739b2665254a181488dbe"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 145

GET
H2 200 insights.bin Show response
ins.connatix.com/47a912a8-28e0-48fa-a732-5ec26ca4d109/3/ Frame D2BF 281 B
295 B 60ms
15ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/47a912a8-28e0-48fa-a732-5ec26ca4d109/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0aaf9b1efb8aa639b7f7173d817f4ee773b20f0688bb30f167f38dfd90a89e7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:31:43 GMT
age: 10631
etag: "ccb9f346a3d28f60d753ad9c2ecaaad0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 204

GET
H2 200 insights.bin Show response
ins.connatix.com/0b036cc6-0db6-4aa3-beb1-b14660609c0f/3/ Frame D2BF 65 B
398 B 59ms
15ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/0b036cc6-0db6-4aa3-beb1-b14660609c0f/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a421e56def9398e85c5a185f53b23dc74c3c1488cc6b1c996930d36fa27ae66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:13:55 GMT
age: 11737
etag: "83da5b84e961fa82db86fac4941316b0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 80

GET
H2 200 insights.bin Show response
ins.connatix.com/decb48bf-24ee-4fe3-8912-fe154194b82f/3/ Frame D2BF 56 B
165 B 54ms
10ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/decb48bf-24ee-4fe3-8912-fe154194b82f/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c193d6e01a14a8681f4b97eacdeda9da3273769f74d48acc34c4af594115e8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 16:52:01 GMT
age: 13027
etag: "0968bd56b15ec59b48f4cb9c64478474"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 75

GET
H2 200 insights.bin Show response
ins.connatix.com/075706bd-deb4-4df9-a54b-f3967dc33974/3/ Frame D2BF 164 B
248 B 60ms
16ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/075706bd-deb4-4df9-a54b-f3967dc33974/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b987cec9856be3229008fa9bb4057e0552d466aaba6a2979aa178dedc354ad0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 16:49:27 GMT
age: 12052
etag: "d82d441ec3556788e75de615dcdfc4f2"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 145

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame D2BF 0
303 B 118ms
118ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 79ms
38ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

98f0b8ffd73ec0aa99dfa38d25078df10607a8f338bb85f49888a7f2921b41e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1033 / 319 of 1000 / last-modified: 1635937567"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27291
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 20:30:40 GMT

GET
H2 200 3_media.bin Show response
vid.connatix.com/83ccce1c-3192-440e-9ffd-a7b1928b1772/ Frame D2BF 407 B
448 B 33ms
10ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/83ccce1c-3192-440e-9ffd-a7b1928b1772/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5dc880f2aee8f96d28f3c152a51e509eb4ca6ee953d58c3a4c9788d2359541a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 20:19:29 GMT
age: 173383
etag: "280f3e73ec14cd6e56f164642bb862c3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 356

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D2BF 369 KB
123 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125171
x-xss-protection: 0
expires: Wed, 03 Nov 2021 20:30:40 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame D2BF 130 B
441 B 462ms
135ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2f3447447d1bbe42f5afbc0141b99eda75e534410d0b76b0572aa811b1a0f20a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 11.png
img.connatix.com/1eba740d-7077-438a-9d6f-8a848d60672b/ 8 KB
8 KB 46ms
24ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1eba740d-7077-438a-9d6f-8a848d60672b/11.png
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06cec1f5d6ddbd571ebcea93c0d7b118b301b5a90d0dd01cc0fc3ddfcc7c5463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: br
age: 2023591
etag: "DjjaypRQtq3FFoV9W7rtBdyELLrNsBOHtvpNCL6Idsc"
access-control-max-age: 86400
fastly-io-info: ifsz=19885 idim=478x478 ifmt=png ofsz=8402 odim=478x478 ofmt=png
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/png
content-length: 7935

GET
H2 200 fingerprint-logo.png
gdpr.privacymanager.io/1/ Frame 82DE 3 KB
4 KB 7ms
7ms Image
image/png 2600:9000:206f:ce00:16:f82a:8600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdpr.privacymanager.io/1/fingerprint-logo.png
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ce00:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp-consent-tool.privacymanager.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 9pQOsi2DxK3rqUh4Tx6cHO.FtyKwGHRN
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
etag: "b7cdca038062eecdc45c7351c6a539ad"
age: 1977
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/TCFBuild-prod:437ed990-bd6b-47c5-adc6-6d80a4ee1c7e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 37409f7866bea926a55d87a284a235c4
content-length: 2962
last-modified: Wed, 03 Nov 2021 16:57:03 GMT
server: AmazonS3
date: Wed, 03 Nov 2021 19:57:44 GMT
x-amz-meta-codebuild-content-sha256: 48e020a6ce61e58f6559bfec4249aa4de5d541f99d5928245d89182dc9fb3fe7
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: vVPztK-WLeUIdYUePSn3EsGTI_31xD7c9s6u2PW5SYLhYYYDWjsHng==

GET
H2 200 icon-chevron-left.svg
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 441 B
1 KB 8ms
8ms Image
image/svg+xml 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmp-consent-tool.privacymanager.io/latest/icon-chevron-left.svg
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/styles.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
age: 12775
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 441
last-modified: Wed, 03 Nov 2021 16:57:27 GMT
server: AmazonS3
etag: "e2760515a843a0256b4b810489b5426b"
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: wEbywDrZJOp4fy384WTclxyqa4C4YBTp
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: 5stBIYqvSwEi0Y1cyykEDFGhB83w-t8Fg571ipmlg9G-FDWKTdhX9w==

GET
H2 200 open-sans-latin-700-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 15 KB
15 KB 9ms
8ms Font
application/octet-stream 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-700-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
age: 12775
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 15112
last-modified: Wed, 03 Nov 2021 16:57:17 GMT
server: AmazonS3
etag: "b596676fc00af9806c16a12e9a0350f8"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: dYVjWSXWVB91MGwoVIK5bbP5cvOhHZUr
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 1eT3YBpALtaAs4_tc0m2yIrAXB7DUYURcWOqBHWpT8GAc-iIhKrfhw==

GET
H2 200 open-sans-latin-600-normal.woff2
cmp-consent-tool.privacymanager.io/latest/ Frame 82DE 15 KB
15 KB 10ms
10ms Font
application/octet-stream 13.32.22.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp-consent-tool.privacymanager.io/latest/open-sans-latin-600-normal.woff2
Requested by: Host: cmp-consent-tool.privacymanager.io
URL: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.22.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-22-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Request headers

Referer: https://cmp-consent-tool.privacymanager.io/latest/openSans.css
Origin: https://cmp-consent-tool.privacymanager.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 16:57:46 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a3.cloudfront.net (CloudFront)
age: 12775
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/GlobalCmpConsentTool-prod:b1d3b803-33ab-4edd-b99e-8225371a65ac
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: d39f5f9e9076ee191ac82f9b75f694bc
content-length: 14956
last-modified: Wed, 03 Nov 2021 16:57:13 GMT
server: AmazonS3
etag: "4334c2753ff9f057d9de926e66882c9e"
access-control-allow-methods: GET
x-amz-meta-codebuild-content-sha256: 9222c09648e2e588c84267cfaec81ecb9898586cd659370fd4218785144c86e8
access-control-allow-origin: *
cache-control: must-revalidate,public,max-age=604800
x-amz-version-id: pqIsD.3L24wRdgGZpn8zZtCZlG1O6rxZ
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: -UCttpPVY2HNjJzqQQQ0yN2rkslAM7BuEmD55A576LIXHW2VHq2Bkw==

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame D2BF 0
303 B 113ms
113ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame D2BF 0
303 B 113ms
113ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/83ccce1c-3192-440e-9ffd-a7b1928b1772/ 39 KB
38 KB 27ms
27ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/83ccce1c-3192-440e-9ffd-a7b1928b1772/1_th.jpg?crop=817:460,smart&width=817&height=460&format=jpeg&quality=60&fit=crop
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f61ad0a6425ce7242c0e21f37452615f9e1412dd85acdb56637643a2e23c4ca8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: br
age: 173519
etag: "Wpk2ho2qXNTOjDrZD75WEy8SWSd3jw70xcpTcMgv+9U"
access-control-max-age: 86400
fastly-io-info: ifsz=159134 idim=2560x1440 ifmt=jpeg ofsz=40208 odim=817x460 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 39094

GET
H2 200 pubads_impl_2021110301.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
117 KB 18ms
18ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119127
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Nov 2021 20:30:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 148 B
134 B 31ms
16ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.westernjournal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

1f3a24ac0528ed6516588e779fb900c2400e73a5caa82a81b2a0e2dd237e09f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Wed, 03 Nov 2021 20:30:40 GMT

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 44B5 578 KB
190 KB 318ms
16ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D2BF 44 KB
17 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Nov 2021 20:30:40 GMT

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4D42 578 KB
190 KB 290ms
23ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7A1B 578 KB
190 KB 255ms
19ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Tue, 02 Nov 2021 22:15:47 GMT
expires: Wed, 02 Nov 2022 22:15:47 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897937520432117&ev=PageView&dl=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&rl=&if=false&ts=1635971440427&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635971439878.174920489&it=1635971439762&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 20:30:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=606809489393836&ev=ViewContent&dl=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&rl=&if=false&ts=1635971440428&cd[content_name]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[content_tag]=%5B%22Biden%20administration%2C%20big%20government%2C%20Coronavirus%2C%20freedom%2C%20health%2C%20Joe%20Biden%2C%20medical%2C%20US%20news%2C%20vaccine%22%5D&cd[content_category]=%5B%22Commentary%22%5D&cd[articleReactions]=%5B%22undefined%22%5D&cd[articleVirtues]=%5B%22undefined%22%5D&cd[siteName]=http%3A%2F%2Fwww.westernjournal.com&cd[wordCount]=700&cd[articleTitle]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[articleSocialTitle]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[articleSEOTitle]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[articleChooser]=jchester&cd[articleTitler]=jchester&cd[articleTitleLength]=109&cd[articleSocialTitleLength]=104&cd[articleSEOTitleLength]=109&cd[articleEditor]=dvankempen&cd[articleShareTextAuthor]=jchester&cd[articleShareTextLength]=81&cd[articlePublishDate]=2021-11-01&cd[paragraphCount]=18&cd[articleID]=2797583&cd[articleFormat]=standard&cd[platform]=web&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22articleAuthor%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1635971439878.174920489&it=1635971439762&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 20:30:40 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897937520432117&ev=ViewContent&dl=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&rl=&if=false&ts=1635971440429&cd[content_name]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[content_tag]=%5B%22Biden%20administration%2C%20big%20government%2C%20Coronavirus%2C%20freedom%2C%20health%2C%20Joe%20Biden%2C%20medical%2C%20US%20news%2C%20vaccine%22%5D&cd[content_category]=%5B%22Commentary%22%5D&cd[articleReactions]=%5B%22undefined%22%5D&cd[articleVirtues]=%5B%22undefined%22%5D&cd[siteName]=http%3A%2F%2Fwww.westernjournal.com&cd[wordCount]=700&cd[articleTitle]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[articleSocialTitle]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[articleSEOTitle]=Study%3A%20Americans%20with%20J%26J%20COVID%20Vaccine%203.7%20Times%20More%20Likely%20to%20Develop%20Blood%20Clots%20Than%20Average%20Person&cd[articleChooser]=jchester&cd[articleTitler]=jchester&cd[articleTitleLength]=109&cd[articleSocialTitleLength]=104&cd[articleSEOTitleLength]=109&cd[articleEditor]=dvankempen&cd[articleShareTextAuthor]=jchester&cd[articleShareTextLength]=81&cd[articlePublishDate]=2021-11-01&cd[paragraphCount]=18&cd[articleID]=2797583&cd[articleFormat]=standard&cd[platform]=web&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22articleAuthor%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1635971439878.174920489&it=1635971439762&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Nov 2021 20:30:40 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 1B15 0
89 B 13ms
12ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.westernjournal.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Wed, 03 Nov 2021 20:30:40 GMT

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 30ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: X3M81H4NM1B4G6R6
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: cvOSmODg07/4O4zGwviZMR3PU/m+IFAgnbTWch2Pw3XfIW/4Me7DGjuuZsigtg0xT+fI73EM98w=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1635971441.871747,VS0,VE0
date: Wed, 03 Nov 2021 20:30:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11009

POST
H/1.1 200
OK e Show response
capi.connatix.com/tr/ Frame D2BF 0
303 B 109ms
109ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/e
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame D2BF 2 B
311 B 207ms
109ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 28

GET
H/1.1 200
OK 122dc12de0 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 636ms
576ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/122dc12de0?a=17724322,86577151&v=1211.ba193a8&to=YQFSN0RZDxZUUEBaClhLZRFfFwgLUVZMHRVeFA%3D%3D&rst=4007&ck=1&ref=https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/&ap=1024&be=2386&fe=3967&dc=2862&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1635971436878,%22n%22:0,%22f%22:827,%22dn%22:827,%22dne%22:827,%22c%22:827,%22ce%22:827,%22rq%22:828,%22rp%22:2364,%22rpe%22:2481,%22dl%22:2368,%22di%22:2706,%22ds%22:2862,%22de%22:2863,%22dc%22:3967,%22l%22:3967,%22le%22:3969%7D,%22navigation%22:%7B%7D%7D&fp=2597&fcp=2597&at=TUZRQQxDHBg%3D&jsonp=NREUM.setToken
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 03 Nov 2021 20:30:41 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a885ca1fcf632be-CDG

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 4D42 136 B
656 B 80ms
28ms XHR
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3291591038856485&cust_params=domains%3Dwww.westernjournal.com&vad_type=linear&sdkv=h.3.487.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=1738271927&sdk_apis=2%2C8&sid=BAA784B5-5C48-4161-BD6A-E9E7B76CC83A&eid=44752657&top=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&loc=about%3Ablank&dlt=1635971439471&idt=1374&dt=1635971440917&scor=3128050503667210&ged=ve4_td2_tt1_pd2_la2000_er707.471.863.777_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame DCFC 0
31 B 13ms
12ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.westernjournal.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Wed, 03 Nov 2021 20:30:40 GMT

POST
H2 200 bq-streamer Show response
liftable-bq-streamer.appspot.com/ 0
272 B 166ms
127ms XHR
text/html 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://liftable-bq-streamer.appspot.com/bq-streamer
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 03 Nov 2021 20:30:41 GMT
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 45f7b9b917005e81814f078a2146f1b9
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 44B5 136 B
172 B 328ms
27ms XHR
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F5640&description_url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3014503023193551&cust_params=domains%3Dwww.westernjournal.com&vad_type=linear&sdkv=h.3.487.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3390854456&sdk_apis=2%2C8&sid=38120B59-3F7C-44F7-8257-FD567582A194&eid=44726392&top=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&loc=about%3Ablank&dlt=1635971439471&idt=1292&dt=1635971441583&scor=2900279430835366&ged=ve4_td3_tt2_pd3_la3000_er707.471.863.777_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 938.json Show response
id5-sync.com/g/v2/ 213 B
540 B 42ms
9ms XHR
application/json 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/938.json

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , France, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

4ae775815b5620c0230288d0475fdfb50f1b943923418840e06baf577dc445e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.westernjournal.com
Date: Wed, 03 Nov 2021 20:30:35 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 154 B
911 B 116ms
44ms XHR
application/json 34.249.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 69f4006531e7e36a44a944d26b64d3593f4af95a80d5cad1a3e169c8e523969e

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Nov 2021 20:30:41 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache
x-server: 10.45.25.53
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 154
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
549 B 103ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/study-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person/?utm_source=telegram&utm_medium=westernjournalism&utm_campaign=telegramfeed&utm_content=2021-11-01
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 98001799140c2dbf0265f4897f6ea3081632a4ad8d0edd6ab6095982f2718061

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Nov 2021 20:30:41 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 03 Dec 2021 20:30:42 GMT

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame D2BF 0
303 B 113ms
113ms XHR
multipart/form-data 3.130.74.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=136274
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.74.217 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-74-217.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Wed, 03 Nov 2021 20:30:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 7A1B 136 B
172 B 31ms
31ms XHR
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6148&description_url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2594735244496760&cust_params=domains%3Dwww.westernjournal.com&vad_type=linear&sdkv=h.3.487.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=400521213&sdk_apis=2%2C8&sid=AF9A8781-9660-4D52-97CA-1CC8F8DBFE69&eid=420706109&top=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&loc=about%3Ablank&dlt=1635971439471&idt=1342&dt=1635971442433&scor=1965531536511841&ged=ve4_td3_tt2_pd3_la3000_er707.471.863.777_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 4D42 136 B
172 B 31ms
30ms XHR
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F2570&description_url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=328125050268552&cust_params=domains%3Dwww.westernjournal.com&vad_type=linear&sdkv=h.3.487.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=1738271927&sdk_apis=2%2C8&sid=BAA784B5-5C48-4161-BD6A-E9E7B76CC83A&eid=44752657&top=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&loc=about%3Ablank&dlt=1635971439471&idt=1374&dt=1635971442980&scor=1904105556494149&ged=ve4_td4_tt3_pd4_la4000_er707.471.863.777_vi0.0.1200.1600_vp100_ts2_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 44B5 136 B
172 B 31ms
31ms XHR
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F107430338%2FCNXORTEST%2F6650&description_url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3893388677283120&cust_params=domains%3Dwww.westernjournal.com&vad_type=linear&sdkv=h.3.487.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3390854456&sdk_apis=2%2C8&sid=38120B59-3F7C-44F7-8257-FD567582A194&eid=44726392&top=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&url=https%3A%2F%2Fwww.westernjournal.com%2Fstudy-americans-jj-covid-vaccine-3-7-times-likely-develop-blood-clots-average-person%2F%3Futm_source%3Dtelegram%26utm_medium%3Dwesternjournalism%26utm_campaign%3Dtelegramfeed%26utm_content%3D2021-11-01&loc=about%3Ablank&dlt=1635971439471&idt=1292&dt=1635971443519&scor=2450814007982908&ged=ve4_td5_tt4_pd5_la5000_er707.471.863.777_vi0.0.1200.1600_vp100_ts2_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 20:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.westernjournal.com/	1970-01-19 22:29:04	Name: ADRIZER_SOURCE Value: {%22value%22:%22telegram%22%2C%22expires%22:%222021-11-05T20:30:39.382Z%22}
www.westernjournal.com/	1970-01-19 22:29:04	Name: ADRIZER_WIDGET Value: {%22value%22:%22%22%2C%22expires%22:%222021-11-05T20:30:39.382Z%22}
www.westernjournal.com/	1970-01-19 22:26:13	Name: ffpvi Value: 2
.westernjournal.com/	1970-01-19 22:26:13	Name: __asc Value: 3449d4eb17ce77f1bf54e5dc114
.westernjournal.com/	1970-01-20 07:13:13	Name: __auc Value: 3449d4eb17ce77f1bf54e5dc114
.scorecardresearch.com/	1970-01-20 15:42:59	Name: UID Value: 1C7WQHPEZMQIHXIUT1ALIKg1635971440
www.westernjournal.com/	1970-01-20 07:47:47	Name: gdpr-auditId Value: b422681ed4fa42d1b19466420a041704
www.westernjournal.com/	1970-01-19 23:09:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.westernjournal.com/	1970-01-20 02:45:23	Name: _pubcid Value: 455661fc-580d-4e69-8fb9-1fde3efb4360
.westernjournal.com/	1970-01-20 15:57:23	Name: _ga Value: GA1.2.2085844180.1635971440
.westernjournal.com/	1970-01-19 22:27:37	Name: _gid Value: GA1.2.644336953.1635971440
www.westernjournal.com/	1970-01-19 22:27:37	Name: geo-location Value: {"country":"DE","region":"BE"}
www.westernjournal.com/	1970-01-19 22:27:37	Name: _lr_geo_location Value: DE
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3af201b4291099a1
www.westernjournal.com/	1970-01-20 07:47:47	Name: usprivacy Value: 1---
.westernjournal.com/	1970-01-19 22:26:11	Name: _dc_gtm_UA-54260989-7 Value: 1
.westernjournal.com/	1970-01-20 00:35:47	Name: _fbp Value: fb.1.1635971439878.174920489
www.westernjournal.com/	1970-01-20 07:47:47	Name: cto_bidid Value: 2puD0V9EVldNJTJGTTFJM0dqSVBIQmZuUjAxSGcwQ2xLQWVSTk53bHhmeWNwSHhLOTltaUJOYWZvZmVjWnQ0N3c0T2xYTnJpY3hEWm9ZTFIybEZ0ZnJzMjBzdjFnJTNEJTNE
www.westernjournal.com/	1970-01-20 07:47:47	Name: cto_bundle Value: GGDV619sdzZ4NVpkek1SMmMzdThtajB5eW9RbCUyQlhWNTNjYzVlRyUyRkRTOHkzdnphMm5VSTVHb21yUnBFTGl3bTRVVEVodDglMkI4ZTdnTGI2NXE2aHpLUyUyQm4zY0tJY1hrdjU0R3Y5S3AxUkpDbVpqZ1p4SWRnUyUyRiUyQkVKd3hCQ3I0d1pzbVg2Mg
www.westernjournal.com/	1970-01-19 22:27:37	Name: ccpa-dau Value: true
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8e112304af87bded
.adsrvr.org/	1970-01-20 07:11:47	Name: TDID Value: 49890082-90ab-480b-9f55-1a93d4b25467
www.westernjournal.com/	1970-01-19 23:52:35	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2249890082-90ab-480b-9f55-1a93d4b25467%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-03T20%3A30%3A42%22%7D
.crwdcntrl.net/	1970-01-20 04:54:58	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:54:58	Name: _cc_id Value: d1a75155f1c1f948a032127d1d349f28
.crwdcntrl.net/	1970-01-20 04:54:59	Name: _cc_cc Value: "ACZ4XmNQSDFMNDc1NDVNM0w2TLM0sUg0MDYyNDJPMUwxNrFMM7JgAILEpo%2BFIBoKAEl3CpI%3D"
.crwdcntrl.net/	1970-01-20 04:54:59	Name: _cc_aud Value: "ABR4XmNgYGBIbPpYCKSgAAAcIQJG"
.westernjournal.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1636576241797
.westernjournal.com/	1970-01-20 04:54:59	Name: _cc_id Value: d1a75155f1c1f948a032127d1d349f28
.westernjournal.com/	1969-12-31 23:59:59	Name: panoramaId Value: bb7eb00e5aafaf66c9c62b398e0e16d53938c743bea546ee283b5fa0164a80ab

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ats.rlcdn.com
bam-cell.nr-data.net
bh.contextweb.com
capi.connatix.com
ccpa-wrapper.privacymanager.io
ccpa.privacymanager.io
cd.connatix.com
cds.connatix.com
certify.alexametrics.com
cmp-consent-tool.privacymanager.io
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
d3l320urli0p1u.cloudfront.net.
dau-prod.launch.liveramp.com
gdpr-wrapper.privacymanager.io
gdpr.privacymanager.io
geo.privacymanager.io
gum.criteo.com
i.clean.gg
id.crwdcntrl.net
id5-sync.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-agent.newrelic.com
liftable-bq-streamer.appspot.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partplanes.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rules.quantcount.com
run.crtx.info
s0.2mdn.net
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
users.api.jeeng.com
vid.connatix.com
w-j.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.westernjournal.com
13.32.121.72
13.32.22.17
13.32.99.89
13.32.99.94
13.35.253.106
13.35.253.90
141.95.3.9
151.101.194.137
151.101.2.137
162.247.243.146
172.217.18.98
178.250.2.146
18.66.97.58
198.148.27.140
2.18.233.180
2600:9000:206f:ce00:16:f82a:8600:93a1
2600:9000:20eb:5000:11:2a6a:9480:93a1
2600:9000:20eb:9400:9:dc53:cc00:93a1
2600:9000:223c:4e00:6:44e3:f8c0:93a1
2600:9000:223e:1000:14:248f:8500:93a1
2600:9000:223f:3c00:8:48e:53c0:93a1
2600:9000:223f:ea00:3:f9b0:4040:93a1
2600:9000:225e:5e00:d:99dd:3480:21
2606:4700:10::6816:264b
2606:4700:10::6816:38ae
2606:4700:3031::6815:357d
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:809::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2003
2a00:1450:4001:812::2014
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9a
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.130.74.217
34.249.68.36
34.95.69.49
35.201.96.133
35.71.131.137
52.218.229.208
54.68.102.112
02156e4992e388eb6c2564b13c90fb8c42b6c708718bba11e2fdd07b394a284a
06cec1f5d6ddbd571ebcea93c0d7b118b301b5a90d0dd01cc0fc3ddfcc7c5463
0aaf9b1efb8aa639b7f7173d817f4ee773b20f0688bb30f167f38dfd90a89e7b
0b987cec9856be3229008fa9bb4057e0552d466aaba6a2979aa178dedc354ad0
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11adf0302a66b3a7f8b3a4610ae0ac7f224eb48ac0fa8b0515e9c7627b499682
167982fa128d47a62bd03befe22b8adb08f6d0a1590601b325d3d1a14f7c309d
17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45
1a421e56def9398e85c5a185f53b23dc74c3c1488cc6b1c996930d36fa27ae66
1e823139c936c952f54399a49096579a951e55baab2d0949e2f307163aac68a0
1f3a24ac0528ed6516588e779fb900c2400e73a5caa82a81b2a0e2dd237e09f3
1f78a52b4b1a695437f387c51cad167ec00698ef54f395bca35be6646a87c6a4
237f27a6be236da638bfa1123e21a61f9345f9560a607439febe46acbe69eacc
23e2a7e38c040ad7d58171a72bc708b0f59d8a088361827b65a867a922f76ab4
250a0280938365d9f83769f776b3834a605a6560ca3df785029ba97b6ddd5c4e
284da3d2b11c82b2f5624dd0fad62bdcbe3b67a2a8687b00ff04e30deb17fd30
2852066f294480afc4323990aed02c36c6b5372e5942bc223075107c49430eac
2f3447447d1bbe42f5afbc0141b99eda75e534410d0b76b0572aa811b1a0f20a
36dc8627546125c2446359d123c1d11a8afbe6a5100862e2319217e335d985d2
3c04106baf1333a6d9411aff493577c67786b171cfa91501c8eb3e31405b3059
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
3e5a10a7a53c0aa1ca0704a20adc6a270eee733a747dfc82d7cbb65d06d9874e
3ebb1bc4ec5c51433f97e04b537b06aa15c49e8172a13b9eecdd4aa2774cdcd9
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
48307114877d5b07454707dd9e225619dc2b438b76558e29748f1f9aee0bbf5a
489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7
4ae775815b5620c0230288d0475fdfb50f1b943923418840e06baf577dc445e4
4d6a88b4879f212726948d4bc8ee7e99294dd40c860867434ad8ef58efe54bf0
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
538674ed65eb7a1302cb99744aacdc370afead6d7322911060b5a99bf057092b
544d7e6d1f0653a4aa059115da7c59f7addea756edfabda64f052409d900ad18
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c193d6e01a14a8681f4b97eacdeda9da3273769f74d48acc34c4af594115e8d
5d2fd6f93dd3564552e80f25e47b48452c8e33922b66297a0cffb358c9e49583
5dc397213be9bbfab02f6775ba8a0ef2400361ef02b300398bd3908bd2ce2266
5dc880f2aee8f96d28f3c152a51e509eb4ca6ee953d58c3a4c9788d2359541a2
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
631e81faab0833f9d7f2a29efd36dbf8d105f78490c4a16c8b350d3f1003a1fc
653a329eeb8e0d938b0d920d935de52191795f87f4c47540cbd70603520c0421
67b08c185967e7dbda1aecb9e42a11c61f24a20c0ccefe9ebfea250a4d67990c
69f4006531e7e36a44a944d26b64d3593f4af95a80d5cad1a3e169c8e523969e
7f1867f0b840d81e779313992bfe9c81b3159b12eea2a36370514f2ace3dec77
7fca2580d9cfefa990302c8360bf9e9bf970ffa2f0d95837891928507a17a7a8
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86705425f39b4c2938110f21465ed4c4ece1a80b858283d4c5d9a7dd124977a6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d49b3070550d94e487ca7bb67ff0b7b7413fb13805385cf9ddb9b5fb32a97d0
91436684033fa016a7c3ea504c82d6f08da8e730a4e49b6168d09f5917e708ad
919294694492f871a8e1e17d97ea506ce8cd44313dedafde5e1d5bbb92002065
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98001799140c2dbf0265f4897f6ea3081632a4ad8d0edd6ab6095982f2718061
98da4fcd9b4423e443ab0ca2804764875163e207aa50425a0d0d5c60bb7d3ddb
98f0b8ffd73ec0aa99dfa38d25078df10607a8f338bb85f49888a7f2921b41e8
991a4fbc66954719a21a0aee735ded6f7b97bca49c32d275ab23b3289339a485
9a19209483cd31f0227408730c75f1f372ea1218f347a7fe97db8a480d16081e
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04
9d0c64b5cb663056b6295f677fb794d23ae3999112515beecb7c6703723f493a
9eab36dcdb53201a0aaa3e8b7f0435531daedae047716870379d3a2f919d5fa4
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a6175d081940061cb96a2e8c9c90887b6f603361fe584bb053761581a36cb908
aa25672892696b8b2a82c086ed4c4df1d2c0f6bed268af7686f079fc78604c8c
aa88a95f6cbb11497a787b194bf01e36550fa8a42ecf5c86c447ae522b0386ed
ab3d63bd1c40f20c8494d0577135b606e100598a9c6fcdee8ab901e3faf040f3
ad5d8f9df7e3d9cd3ae22cc3c3a18cd4c696503e64d1522b4da2f067a5de45a4
b172a835742a6505e994ff7794d27687181186ae8e2cda21d07236a96886abce
b1c8e3f5cf04ecbc92a3832dcd4e21efdd0af7e6e57deabafa1a7474ee0ff359
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bd47e11f786a55e1999e5ad7ced555a79c2f1de7b39dac2d20a74d66c495b156
c225459d5137e0b81e86c847dba4fdce6e3435e689ba726201e21fd7d2d0c7df
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c631d3bebb168e8549f41a8137a8681fc6d87da3b1b4c2cd6377b7d79b236caf
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8ed7053559dceb87cab30280e4388cf23c4fa6e07190e122972c8335585a995
cf21f2d5f174078bbe6148701d820117f3f71540b7c33090042215fc824998d2
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d312f39cbae5dd049cf3358304ea3ddf4fa6bb7cc1714041e406f0968e5e42e5
d95ff64206b3fb70f21670d4a720a5dca8da45582a9119cae58eb4890b2a9026
d96359b975ea60541c0a2af5c5de0197241e5e769841ac87cdb8dbb636dac16f
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb66ee7d0a07813a3941ee2d552a0296300cff39d532a3bbb880cc73b54a58a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd37808662afd01c4de0bd00e301a63a4d132a0a80dc775149ef18682548cb0
f61ad0a6425ce7242c0e21f37452615f9e1412dd85acdb56637643a2e23c4ca8
f9c97a35c04beab40881c115d62f741d4571399d3f30971240612f302e1969aa
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fecf08d48dbc946b3487abedf98eda2cc270626b457f350347e67729bb4c007c
ffdbea2a5a9959ea5f9809139a0178c725fa9474a88f1cfe10f702bdb35c3cc0

www.westernjournal.com Open in urlscan Pro 2606:4700:10::6816:264b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

127 Requests

98 %HTTPS

52 %IPv6

38 Domains

50 Subdomains

45 IPs

5 Countries

2777 kBTransfer

8616 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.westernjournal.com Open in urlscan Pro
2606:4700:10::6816:264b Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

52 %
IPv6

38
Domains

50
Subdomains

45
IPs

5
Countries

2777 kB
Transfer

8616 kB
Size

30
Cookies

127 HTTP transactions
0 data transactions