www.the-journal.com Open in urlscan Pro
107.154.114.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://the-journal.com/
Effective URL:
https://www.the-journal.com/
Submission Tags: tranco_l324
Submission: On November 23 via api (November 23rd 2021, 2:58:26 am UTC) from DE — Scanned from DE

Summary HTTP 221 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 24 domains to perform 221 HTTP transactions. The main IP is 107.154.114.252, located in United States and belongs to INCAPSULA, US. The main domain is www.the-journal.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on October 12th 2021. Valid for: 6 months.

This is the only time www.the-journal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	107.154.102.252 107.154.102.252	19551 (INCAPSULA) (INCAPSULA)
41	107.154.114.252 107.154.114.252	19551 (INCAPSULA) (INCAPSULA)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	52.41.123.208 52.41.123.208	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
30	143.204.98.88 143.204.98.88	16509 (AMAZON-02) (AMAZON-02)
1	50.17.180.6 50.17.180.6	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.6 143.204.98.6	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
8	75.101.244.20 75.101.244.20	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
10	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
221	38

2 107.154.102.252 (United States) 2 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.102.252.ip.incapdns.net

the-journal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 107.154.114.252 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.252.ip.incapdns.net

www.the-journal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.123.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-123-208.us-west-2.compute.amazonaws.com

prod.ew.dur.navigacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 143.204.98.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-88.fra50.r.cloudfront.net

imengine.public.prod.dur.navigacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.180.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-180-6.compute-1.amazonaws.com

thejournal-co.newsmemory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net

static.ew.dur.navigacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 75.101.244.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-244-20.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.87 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	the-journal.com 2 redirects the-journal.com www.the-journal.com	590 KB
33	googlesyndication.com f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	506 KB
32	navigacloud.com prod.ew.dur.navigacloud.com imengine.public.prod.dur.navigacloud.com static.ew.dur.navigacloud.com	2 MB
24	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	172 KB
19	youtube.com www.youtube.com	1 MB
14	adition.com imagesrv.adition.com ad4.adfarm1.adition.com ad2.adfarm1.adition.com	76 KB
9	google.com www.google.com adservice.google.com	29 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	225 KB
8	postrelease.com jadserve.postrelease.com	4 KB
7	typekit.net use.typekit.net p.typekit.net	157 KB
5	googletagservices.com www.googletagservices.com	172 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.de adservice.google.de www.google.de	1 KB
3	facebook.net connect.facebook.net	85 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	ytimg.com i.ytimg.com	30 KB
2	ggpht.com yt3.ggpht.com	3 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	newsmemory.com thejournal-co.newsmemory.com	39 KB
1	jsdelivr.net cdn.jsdelivr.net	38 KB
1	jquery.com code.jquery.com	30 KB
1	ntv.io s.ntv.io	114 KB
221	24

	Domain	Requested by
41	www.the-journal.com	www.the-journal.com
30	imengine.public.prod.dur.navigacloud.com	www.the-journal.com
19	www.youtube.com	www.the-journal.com code.jquery.com www.youtube.com
15	pagead2.googlesyndication.com	f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	imagesrv.adition.com	f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com www.the-journal.com imagesrv.adition.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.the-journal.com f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
8	jadserve.postrelease.com	s.ntv.io www.the-journal.com
7	googleads.g.doubleclick.net	2 redirects www.youtube.com f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com www.the-journal.com pagead2.googlesyndication.com
7	www.google.com	www.the-journal.com www.youtube.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	use.typekit.net	www.the-journal.com use.typekit.net
5	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
5	www.googletagservices.com	www.the-journal.com securepubads.g.doubleclick.net f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
3	connect.facebook.net	www.the-journal.com connect.facebook.net
3	fonts.googleapis.com	www.the-journal.com imagesrv.adition.com
2	ad2.adfarm1.adition.com	ad4.adfarm1.adition.com ad2.adfarm1.adition.com
2	ad4.adfarm1.adition.com	f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com ad4.adfarm1.adition.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.the-journal.com www.google-analytics.com
2	the-journal.com	2 redirects
1	s-jsonp.moatads.com	www.the-journal.com
1	www.google.de	www.the-journal.com
1	z.moatads.com	s.ntv.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	p.typekit.net	use.typekit.net
1	static.ew.dur.navigacloud.com	www.the-journal.com
1	thejournal-co.newsmemory.com	www.the-journal.com
1	cdn.jsdelivr.net	www.the-journal.com
1	prod.ew.dur.navigacloud.com	www.the-journal.com
1	code.jquery.com	www.the-journal.com
1	s.ntv.io	www.the-journal.com
221	40

This site contains links to these domains. Also see Links.

Domain
darksky.net
obituaries.the-journal.com
www.4cornersjobs.com
secure.adpay.com
subscriptions.the-journal.com
www-archive.env.nm.gov
www.reuters.com
coloradosun.com
www.durangoherald.com
www.coloradocarbonfund.org
www.currentargus.com
www.bennet.senate.gov
www.facebook.com
twitter.com
www.spingo.com
thejournal-co.newsmemory.com
issuu.com
ballantinecommunicationsinc.com
durangoherald.com
adventurepro.us
dgomag.com
directoryplus.com
bcimedia.com
swscene.com
www.fourcornersexpos.com
facebook.com
subscriptions.durangoherald.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-12` - `2022-04-13`	6 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
durangoherald.com Amazon	`2021-03-30` - `2022-04-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.public.prod.dur.navigacloud.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.newsmemory.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-03-31`	2 years	crt.sh
static.ew.dur.navigacloud.com Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2021-05-21` - `2022-06-22`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.the-journal.com/
Frame ID: 69EDECE7C9A8488DCD37D640226C7FFA
Requests: 116 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PeAAwgoSllM
Frame ID: 1E167FAEA8B99792DE64B58B9CC9831D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PeAAwgoSllM
Frame ID: BD0729045819882ACA51A98A20207423
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PeAAwgoSllM
Frame ID: 77DD0F397BA0051DEF728EDBEC233EED
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PeAAwgoSllM
Frame ID: F15BB2CEEFF00FCAF3DDBC88BD45C300
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PeAAwgoSllM
Frame ID: 7F0FDC3F4633E15047CDD6EDC78E93B3
Requests: 18 HTTP requests in this frame

Frame: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E91F9F87397C62D15AFBA51C7C88600C
Requests: 1 HTTP requests in this frame

Frame: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9575E81736CF52849F48B94348F86451
Requests: 14 HTTP requests in this frame

Frame: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57BD26D35F498B6FDA8606761498A932
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2L5WJPW2sshIVqZDyRRj4MhueN6l_Lcz8WxWbW4elxXI94VhIt3oLm2qcWe1z-lVvDynx88vIOLtO-nHQwPjcAEFG_A-_uR1k_Om1MMS97Is0F59KvAxDZZIQ4yJlztnIH9CopqcdHGM4DH6CaOhUBgmA8YTUfQQIJwiiegv0hfsLTlkcUdG7FTIPHakXMM7kqQZhsMYjRL6jGGUF6O9uWoLSoX7oXls6_2cq0tpsYlYd-C5-WfR1nSj8MTgKTOVdAsVtpXfFYw6O8YzFcpF-44hdo3XxFXgL-9FO3MGGxpyZF0uM_De47NxG4Xo9eos&sai=AMfl-YRDFJ3bgJv2eJfb_owf5-G-DxQhUAi3kusHPRZuRauegWGIUJXA3QMJIevUKlv99h0SV2rlXAjSbB0vF_YoF0WftUTVP8jaxIWHX-fpDbOQ4GcVe8Lfhrr52v-QJsA&sig=Cg0ArKJSzKKU-SLGx-uIEAE&uach_m=[UACH]&adurl=
Frame ID: 4C7D58D6ED6C1D5A7A50E6D2B6FDFBA8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXPYD5szKK0-IgIc4w5MHLoF88yUifF2oIEuD8_GhpuqA_3Ozi3p_chk5dV08SAhN_bn7p1bcBVv9hsQpQLu2N8Oseg4m9HHY2r9WQS8KPHvvNUh1uJ1XNIuJeVa_JZ8RJkXbCO0eX75tzex5ExH3STWb_ddhP7KmaTdvljNwW_JP_ArGp2blI-wFwl1aW2sW9e7WAyDVQ5shX3BEzfX-WtAIUO4U7tGOYwaKVm5I3RutvfbZlpSsP8J2YAXscLeQTWR_6R4g7RYbA5UVBIBtw-qEtDT_kpSWnsttq8tr2daCM01zPNC3N6_yzkCY&sai=AMfl-YSv9EhVaFbKfmUqJ9NfqYlefJxm-9JE6rGdhvllpBiiq2qx3ZpK_o8oLAgCl_TJDWIOI867WFLURbLDVYQUH-xnSL_05TmJXicyHpD6T-xQd28neCf9n_ul-WHj9sU&sig=Cg0ArKJSzJMxUMeywzLbEAE&uach_m=[UACH]&adurl=
Frame ID: B646B3FB87FA5C8C9979023FC53CE5B0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahi5t_u4ATAB&v=APEucNUTWZ25sFX-H4MuUMbGGll8aroZxVKYxTHC5M-WZN1BXy1eD5oLaX3orQYpeWU3bT5mhQC2m36nLW6IMqMu8CxhNJuhLSoDjxx_AiA0fLQJZd0vcDEvNHtKCVgyXkF35StNn3-Gh8Mdd2yXbkdJTjhcNbY3E_LnjFEqvTrvPZ-jGQ940WY
Frame ID: 5B0FF798D7F44297D1433078056A30B5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A8BE43A19CA1FDA18F4974280ED9B31
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=90&slotname=BCI_DY&adk=1517024827&adf=816031632&pi=t.ma~as.BCI_DY&w=728&url=https%3A%2F%2Fwww.the-journal.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637636301281&bpp=18&bdt=154&idt=88&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&correlator=3855579874316&frm=24&ife=3&pv=2&ga_vid=969802118.1637636301&ga_sid=1637636301&ga_hid=492239144&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2892267074&scr_x=-12245933&scr_y=-12245933&eid=44753657&oid=2&pvsid=2675201851342079&pem=543&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9385dpykn80g&fsb=1&dtd=190
Frame ID: 407DC3C238400F708A42C9B17D3B7156
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: E7656715B6EDD8836CC657F0581B7E02
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F0F577E4BDE719CF3B044FE9C4235611
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAC71D76E1828A1B77C84D5FD3870CBE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 077009EBDC417B3E3789084B7ED4F566
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B4C12E64F36A1CD8416CA7DBD3D7719
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Journal – Breaking news and photos from Durango, Colorado

Page URL History Show full URLs

http://the-journal.com/ HTTP 301
https://the-journal.com/ HTTP 301
https://www.the-journal.com/ Page URL

Page Statistics

221
Requests

96 %
HTTPS

58 %
IPv6

24
Domains

40
Subdomains

38
IPs

4
Countries

6216 kB
Transfer

13569 kB
Size

24
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: http://darksky.net/forecast/37.270500,-107.878700
Title: Full Forecast

Search URL Search Domain Scan URL

URL: http://obituaries.the-journal.com/obituaries/the-journal
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.4cornersjobs.com/
Title: 4CornersJobs

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/SearchResults.aspx?p=8726
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://subscriptions.the-journal.com/circstore
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresultsdisplay.aspx?p=8726&procid=69551aa2-6a02-4245-ab10-589716d81790&searchCategory=2148&Asearch=&searchZip=81302&searchDistance=500&filtercatid=319261
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://obituaries.the-journal.com/obituaries/the-journal/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/SearchResults.aspx?p=8727
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www-archive.env.nm.gov/wp-content/uploads/2020/12/2020-12-21-Flyovers-reveal-high-leak-rates-in-Permian.pdf
Title: reported 61 leaks

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-usa-drilling-abandoned-specialreport/special-report-millions-of-abandoned-oil-wells-are-leaking-methane-a-climate-menace-idUSKBN23N1NL
Title: According to data

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-usa-drilling-study/u-s-and-canada-underestimating-climate-risk-from-abandoned-oil-and-gas-wells-study-idUSKBN29P2OZ
Title: A 2021 study

Search URL Search Domain Scan URL

URL: https://coloradosun.com/2021/08/22/colorado-orphan-wells-cost-to-plug/
Title: 17,196 inactive wells

Search URL Search Domain Scan URL

URL: https://www.durangoherald.com/articles/la-plata-county-hit-with-f-score-for-ozone-levels/
Title: low grade

Search URL Search Domain Scan URL

URL: https://www.durangoherald.com/articles/latest-draft-of-new-mexico-oil-gas-rules-stirs-tension/
Title: proposed tougher regulations

Search URL Search Domain Scan URL

URL: https://www.durangoherald.com/articles/clearing-the-four-corners-methane-cloud/
Title: emissions come from New Mexico

Search URL Search Domain Scan URL

URL: https://www.coloradocarbonfund.org/southern-ute#:~:text=The%20Southern%20Ute%20Indian%20Tribe,for%20use%20as%20natural%20gas.&text=This%20project%20captures%20methane%2C%20which,gas%20as%20a%20fuel%20resource.
Title: Colorado Carbon Fund

Search URL Search Domain Scan URL

URL: https://www.durangoherald.com/articles/denver-firm-buys-san-juan-basin-oil-wells/
Title: 30,000 wells

Search URL Search Domain Scan URL

URL: https://www.currentargus.com/story/news/local/2021/03/31/new-mexico-spent-millions-plugging-abandoned-oil-and-gas-wells-2020/6989263002/
Title: plugging wells

Search URL Search Domain Scan URL

URL: https://www.bennet.senate.gov/public/index.cfm/2021/6/bennet-reintroduces-legislation-to-clean-up-orphaned-wells-improve-lease-sales-and-strengthen-standards-on-public-lands
Title: introduced legislation

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/should-methane-rules-extend-to-older-wells/&title=Should%20methane%20rules%20extend%20to%20older%20wells%3F

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Should%20methane%20rules%20extend%20to%20older%20wells%3F+https://www.the-journal.com/articles/should-methane-rules-extend-to-older-wells/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/mancos-beats-sanford-in-state-semifinals/&title=Mancos%20beats%20Sanford%20in%20state%20semifinals

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Mancos%20beats%20Sanford%20in%20state%20semifinals+https://www.the-journal.com/articles/mancos-beats-sanford-in-state-semifinals/

Search URL Search Domain Scan URL

URL: https://coloradosun.com/
Title: The Colorado Sun is a reader-supported, nonpartisan news organization dedicated to covering Colorado issues. To learn more, go to coloradosun.com

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/polis-releases-budget-proposal-focused-on-crime-homelessness-and-business-recovery/&title=Polis%20releases%20budget%20proposal%20focused%20on%20crime%2C%20homelessness%20and%20business%20recovery

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Polis%20releases%20budget%20proposal%20focused%20on%20crime%2C%20homelessness%20and%20business%20recovery+https://www.the-journal.com/articles/polis-releases-budget-proposal-focused-on-crime-homelessness-and-business-recovery/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/southwest-colorado-expected-to-receive-moisture-from-atmospheric-river-moving-in-from-pacific/&title=Southwest%20Colorado%20expected%20to%20receive%20moisture%20from%20%E2%80%98atmospheric%20river%E2%80%99%20moving%20in%20from%20Pacific

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Southwest%20Colorado%20expected%20to%20receive%20moisture%20from%20%E2%80%98atmospheric%20river%E2%80%99%20moving%20in%20from%20Pacific+https://www.the-journal.com/articles/southwest-colorado-expected-to-receive-moisture-from-atmospheric-river-moving-in-from-pacific/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/snow-storm-moves-through-the-san-juan-mountains-on-tuesday/&title=Snow%20storm%20moves%20through%20the%20San%20Juan%20Mountains%20on%20Tuesday

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Snow%20storm%20moves%20through%20the%20San%20Juan%20Mountains%20on%20Tuesday+https://www.the-journal.com/articles/snow-storm-moves-through-the-san-juan-mountains-on-tuesday/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/snowstorm-hits-southwest-colorado/&title=Photos%3A%20Snowstorm%20arrives%20in%20Southwest%20Colorado

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Photos%3A%20Snowstorm%20arrives%20in%20Southwest%20Colorado+https://www.the-journal.com/articles/snowstorm-hits-southwest-colorado/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/mark-redwine-sentenced-for-the-murder-of-his-son/&title=Mark%20Redwine%20sentenced%20for%20the%20murder%20of%20his%20son

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Mark%20Redwine%20sentenced%20for%20the%20murder%20of%20his%20son+https://www.the-journal.com/articles/mark-redwine-sentenced-for-the-murder-of-his-son/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/video-watch-the-sentencing-hearing-for-mark-redwine/&title=VIDEO%3A%20Watch%20the%20sentencing%20hearing%20for%20Mark%20Redwine

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=VIDEO%3A%20Watch%20the%20sentencing%20hearing%20for%20Mark%20Redwine+https://www.the-journal.com/articles/video-watch-the-sentencing-hearing-for-mark-redwine/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/colorado-father-sentenced-to-prison-for-killing-13-year-old-son-dylan-redwine/&title=Colorado%20father%20sentenced%20to%20prison%20for%20killing%2013-year-old%20son%2C%20Dylan%20Redwine

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Colorado%20father%20sentenced%20to%20prison%20for%20killing%2013-year-old%20son%2C%20Dylan%20Redwine+https://www.the-journal.com/articles/colorado-father-sentenced-to-prison-for-killing-13-year-old-son-dylan-redwine/

Search URL Search Domain Scan URL

URL: https://coloradosun.com/2021/10/01/ron-hanks-announces-senate-bid/
Title: coloradosun.com

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.the-journal.com/articles/controversial-republican-state-rep-ron-hanks-files-to-run-for-u-s-senate-in-2022/&title=Controversial%20Republican%20state%20Rep.%20Ron%20Hanks%20files%20to%20run%20for%20U.S.%20Senate%20in%202022

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Controversial%20Republican%20state%20Rep.%20Ron%20Hanks%20files%20to%20run%20for%20U.S.%20Senate%20in%202022+https://www.the-journal.com/articles/controversial-republican-state-rep-ron-hanks-files-to-run-for-u-s-senate-in-2022/

Search URL Search Domain Scan URL

URL: https://www.spingo.com/submit/?partnerId=574
Title: Add Event

Search URL Search Domain Scan URL

URL: https://thejournal-co.newsmemory.com/

Search URL Search Domain Scan URL

URL: https://issuu.com/durangoherald/docs/bestofcortez2021is

Search URL Search Domain Scan URL

URL: https://ballantinecommunicationsinc.com/
Title: Ballantine Communications, Inc.

Search URL Search Domain Scan URL

URL: https://durangoherald.com/
Title: Durango Herald

Search URL Search Domain Scan URL

URL: https://adventurepro.us/
Title: Adventure Pro

Search URL Search Domain Scan URL

URL: https://dgomag.com/
Title: DGO

Search URL Search Domain Scan URL

URL: https://directoryplus.com/
Title: Directory Plus

Search URL Search Domain Scan URL

URL: https://bcimedia.com/
Title: BCI Media Services

Search URL Search Domain Scan URL

URL: https://swscene.com/
Title: Southwest Scene

Search URL Search Domain Scan URL

URL: https://www.fourcornersexpos.com/
Title: Four Corners Expos

Search URL Search Domain Scan URL

URL: https://www.4cornersjobs.com/BrowseJobs
Title: Browse Local Jobs

Search URL Search Domain Scan URL

URL: https://ballantinecommunicationsinc.com/careers
Title: Careers With Us

Search URL Search Domain Scan URL

URL: https://facebook.com/TheJournalCO
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TheJournalCO
Title: Twitter

Search URL Search Domain Scan URL

URL: https://subscriptions.durangoherald.com/circstore
Title: Subscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://the-journal.com/ HTTP 301
https://the-journal.com/ HTTP 301
https://www.the-journal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 127

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1

Request Chain 178

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZxYzW7ibcNNJD6iwfLpOwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDmn3RTaWljv8dHdrAQBXYU&google_cver=1

Request Chain 180

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxODQ4NzM5NDU0OTIwMTI3Ng%3D%3D

221 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.the-journal.com/
Redirect Chain

http://the-journal.com/
https://the-journal.com/
https://www.the-journal.com/

243 KB
54 KB

908ms
862ms

Document
text/html

107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: imio /
Resource Hash: 2a6bcac59a8b74326ad35375cd19f5827f31992349e020e49031f515b4987d6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1637636309
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
link: <https://www.the-journal.com/wp-json/>; rel="https://api.w.org/" <https://www.the-journal.com/>; rel=shortlink
content-encoding: gzip
warning: 110 d7ad80e692cb "Response is stale"
pragma: no-cache
via: 1.1 d7ad80e692cb
x-cache: HIT from d7ad80e692cb
age: 72
server: imio
expires: 0
x-cdn: Imperva
x-iinfo: 5-51471993-51471994 NNNN CT(165 338 0) RT(1637636297562 0) q(0 0 5 1) r(7 9) U12

Redirect headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1637636306
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
warning: 110 9addf8616ff3 "Response is stale"
x-cache: HIT from 9addf8616ff3
via: 1.1 9addf8616ff3
location: https://www.the-journal.com/
age: 65
server: imio
expires: 0
x-cdn: Imperva
x-iinfo: 13-33323291-33323292 NNNN CT(82 152 0) RT(1637636297642 0) q(0 0 2 -1) r(3 3) U11

GET
H2 200 ibr8mku.css
use.typekit.net/ 17 KB
2 KB 161ms
146ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ibr8mku.css

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f1daf843c091a604088d813b267672b260545912bc664344183d572b6889ffd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 23 Nov 2021 02:58:19 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1671

GET
H2 200 css
fonts.googleapis.com/ 985 B
470 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko:500

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b33d644dc618b1059c434355d0689aec80860d5f4fbf839b9ccff9cc8d16bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 02:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 02:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 02:58:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1015 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8597b93ad3200bd0d5bf0f8ff0127d87c791efa62ad8e8f043dcd834a4753493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 02:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 02:58:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 02:58:19 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 392 KB
114 KB 53ms
17ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6a424d31fddf83e59bf6bef7e76582aa3ef2730c06e3b165f9bde255058b48c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 02:58:19 GMT
Content-Encoding: gzip
x-amz-request-id: E3XBPCRTPCB32A2M
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: H1WnUM2PwmWQdQVJj3SiPUegdaeprnnj6QtU3hoA2bC2xQiCUMtSS8HBvylp5dmO3W/T5JPesIs=
Last-Modified: Mon, 22 Nov 2021 15:34:51 GMT
Server: AmazonS3
ETag: "b489e5637690868ad25671ac98727a6c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 styles.css
www.the-journal.com/wp-content/plugins/contact-form-7/includes/css/ 1 KB
808 B 12ms
8ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 85d571bd94b34bcdb672e3c3016f84e91fd938033ffa726f003fc7b4da0ca8fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:13:45 GMT
x-cdn: Imperva
etag: W/"60f96f09-695"
content-type: text/css
x-iinfo: 5-51472148-0 0CNN RT(1637636298449 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=20927187, public
content-length: 615
expires: Sat, 23 Jul 2022 08:04:45 GMT

GET
H2 200 yop-poll-public-6.2.3.css
www.the-journal.com/wp-content/plugins/yop-poll/public/assets/css/ 156 KB
21 KB 14ms
9ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/plugins/yop-poll/public/assets/css/yop-poll-public-6.2.3.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 11d71303fd0391b4908ca476405a409f1cafb231e1cf1bf589bec0b3da52e720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:13:45 GMT
x-cdn: Imperva
etag: W/"60f96f09-26e9f"
content-type: text/css
x-iinfo: 5-51472149-0 0CNN RT(1637636298452 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21266557, public
content-length: 21425
expires: Wed, 27 Jul 2022 06:20:55 GMT

GET
H2 200 style.css
www.the-journal.com/wp-content/themes/everyware-theme-base-1/ 188 B
319 B 15ms
10ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/everyware-theme-base-1/style.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c7733029997214ea393d9f81e74a710de87d65ac9dff442927108e0d421c51cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:14:23 GMT
x-cdn: Imperva
etag: W/"60f96f2f-bc"
content-type: text/css
x-iinfo: 5-51472150-0 0CNN RT(1637636298454 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21267460, public
content-length: 157
expires: Wed, 27 Jul 2022 06:35:58 GMT

GET
H2 200 base-theme.min.css
www.the-journal.com/wp-content/themes/durango/css/ 29 KB
6 KB 17ms
13ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/css/base-theme.min.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: ebe8dc90e0e1e958adaccbbb222051f6d8e6c9dd47de2023bf213f9a87e2e846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-7384"
content-type: text/css
x-iinfo: 5-51472151-0 0CNN RT(1637636298457 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784036, public
content-length: 6003
expires: Sat, 17 Sep 2022 13:12:14 GMT

GET
H2 200 understrap.min.css
www.the-journal.com/wp-content/themes/everyware-theme-base-1/css/ 252 KB
35 KB 19ms
14ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/everyware-theme-base-1/css/understrap.min.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 7957958e558b7ff0e29f946e66af0ad96c9b22d9bd623740b37b2d3b9675de43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:14:23 GMT
x-cdn: Imperva
etag: W/"60f96f2f-3efe5"
content-type: text/css
x-iinfo: 5-51472152-0 0CNN RT(1637636298458 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=20927189, public
content-length: 35587
expires: Sat, 23 Jul 2022 08:04:47 GMT

GET
H2 200 main.css
www.the-journal.com/wp-content/themes/durango/css/ 148 KB
21 KB 23ms
19ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/css/main.css?ver=202110211022
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 79e8b8b16fd74b900c2fb753e9bdcf48dd54aa91f2c99c831387509994fca764

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 12:13:52 GMT
x-cdn: Imperva
etag: W/"616eb680-24ec8"
content-type: text/css
x-iinfo: 5-51472153-0 0CNN RT(1637636298460 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28804807, public
content-length: 21516
expires: Sat, 22 Oct 2022 12:18:25 GMT

GET
H2 200 thejournal.css
www.the-journal.com/wp-content/themes/durango/css/ 14 KB
3 KB 24ms
20ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/css/thejournal.css?ver=202110150849
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c40cd261bd5f5743502f267c89a1d9f087035e82a4472763e472195e32d8940d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 12:25:06 GMT
x-cdn: Imperva
etag: W/"61697322-373b"
content-type: text/css
x-iinfo: 5-51472154-0 0CNN RT(1637636298461 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28202400, public
content-length: 2548
expires: Sat, 15 Oct 2022 12:58:18 GMT

GET
H2 200 style.css
www.the-journal.com/wp-content/themes/durango/assets/css/ 0
181 B 25ms
21ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/assets/css/style.css?ver=180a1769324805b8c8cb667663f14de812f1a95f
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 14:01:25 GMT
x-cdn: Imperva
etag: W/"617ff335-0"
content-type: text/css
x-iinfo: 5-51472155-0 0CNN RT(1637636298463 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29847852, public
content-length: 20
expires: Thu, 03 Nov 2022 14:02:30 GMT

GET
H2 200 slick.css
www.the-journal.com/wp-content/themes/durango/slick/ 1 KB
631 B 25ms
21ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/slick/slick.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c569951d4abd4b4efe25bf2b4a19f174385eacc39fe063fcba3b3dc7d8bb03b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-6f0"
content-type: text/css
x-iinfo: 5-51472156-0 0CNN RT(1637636298464 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784035, public
content-length: 491
expires: Sat, 17 Sep 2022 13:12:13 GMT

GET
H2 200 slick-theme.css
www.the-journal.com/wp-content/themes/durango/slick/ 3 KB
1006 B 25ms
21ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/slick/slick-theme.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 88dea3842c3eeb781bdfa182fabf5cc4d799f2e75e3825839e4d6a9540978da5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-cde"
content-type: text/css
x-iinfo: 5-51472157-0 0CNN RT(1637636298465 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784035, public
content-length: 910
expires: Sat, 17 Sep 2022 13:12:13 GMT

GET
H2 200 style.css
www.the-journal.com/wp-content/themes/durango/ 209 B
298 B 25ms
21ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/style.css?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 38114c5de35349d4e12d5fcde4d20432ef6586c760a22712f8682e3a0a750a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-d1"
content-type: text/css
x-iinfo: 5-51472158-0 0CNN RT(1637636298466 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784034, public
content-length: 160
expires: Sat, 17 Sep 2022 13:12:12 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 86ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js?ver=3.3.1
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1637636299.dop015.ml1.t,1637636299.cds222.ml1.hn,1637636299.cds213.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 login-modal.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 812 B
510 B 26ms
22ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/login-modal.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 4d788357d10fca0d5e377c170d397a7919beb3616bbb69e2b95d1db9b4710029

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-4c0"
content-type: application/javascript
x-iinfo: 5-51472159-0 0CNN RT(1637636298467 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784034, public
content-length: 395
expires: Sat, 17 Sep 2022 13:12:12 GMT

GET
H2 200 yop-poll-public-6.2.3.min.js Show response
www.the-journal.com/wp-content/plugins/yop-poll/public/assets/js/ 45 KB
11 KB 27ms
24ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/plugins/yop-poll/public/assets/js/yop-poll-public-6.2.3.min.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 806456e4bd3904caaf6c815ffc9014c1133c9a13a4f7654fffcd9e376b5385b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 13:35:12 GMT
x-cdn: Imperva
etag: W/"61040010-b2cb"
content-type: application/javascript
x-iinfo: 5-51472160-0 0CNN RT(1637636298468 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21813867, public
content-length: 11539
expires: Tue, 02 Aug 2022 14:22:45 GMT

GET
H2 200 main.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 14 KB
3 KB 28ms
25ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/main.js?ver=202110211022
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: d356306883d801f98b56d3c229f8a6e6dd1d900b7588ff96c855e37f0cf0d47f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 12:14:34 GMT
x-cdn: Imperva
etag: W/"6172ab2a-48f9"
content-type: application/javascript
x-iinfo: 5-51472161-0 0CNN RT(1637636298470 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=28938390, public
content-length: 3022
expires: Mon, 24 Oct 2022 01:24:48 GMT

GET
H2 200 jwplayer.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 214 KB
61 KB 28ms
25ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/jwplayer.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 3f317580bdc191899303a8dccb293fc8d11dfcccc94818622c008285645d3f57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-356cb"
content-type: application/javascript
x-iinfo: 5-51472162-0 0CNN RT(1637636298471 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784035, public
content-length: 62040
expires: Sat, 17 Sep 2022 13:12:13 GMT

GET
H2 200 paywall.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 14 KB
4 KB 30ms
27ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/paywall.js?ver=202108171426
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 3716d065240458c2eef8cf502c0d3ed6096d48a945b832839874759739de4beb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-4118"
content-type: application/javascript
x-iinfo: 5-51472163-0 0CNN RT(1637636298472 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784035, public
content-length: 3986
expires: Sat, 17 Sep 2022 13:12:13 GMT

GET
H2 200 cookie.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 2 KB
920 B 31ms
28ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/cookie.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: f288c846c9e301ccbf6afc835de4a8eb87441045bed3391c1b8fcc0810fa23fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-7a0"
content-type: application/javascript
x-iinfo: 5-51472164-0 0CNN RT(1637636298472 1) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784035, public
content-length: 823
expires: Sat, 17 Sep 2022 13:12:13 GMT

GET
H2 200 head.js Show response
www.the-journal.com/wp-content/themes/durango/assets/js/ 511 B
405 B 31ms
28ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/assets/js/head.js?ver=180a1769324805b8c8cb667663f14de812f1a95f
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: b0904426b658f49f43280cc6ba75d9dc9fbe6a764b7c9fc2c11897c30af3f3e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 14:01:25 GMT
x-cdn: Imperva
etag: W/"617ff335-224"
content-type: application/javascript
x-iinfo: 5-51472165-0 0CNN RT(1637636298473 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29847852, public
content-length: 308
expires: Thu, 03 Nov 2022 14:02:30 GMT

GET
H2 200 / Show response
prod.ew.dur.navigacloud.com/ 0
310 B 620ms
208ms Script
text/html 52.41.123.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.ew.dur.navigacloud.com/?dm=57c9b89633572b02cc3fff738d631684&action=load&blogid=4&siteid=1&t=392668498&back=https%3A%2F%2Fwww.the-journal.com%2F
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.123.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-123-208.us-west-2.compute.amazonaws.com
Software: imio /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:19 GMT
content-encoding: gzip
server: imio
age: 10
vary: Accept-Encoding
x-cache: HIT from d7ad80e692cb
content-type: text/html; charset=UTF-8
via: 1.1 d7ad80e692cb
x-ratelimit-remaining: 999
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 1637636309
x-ratelimit-limit: 1000
expires: 0

GET
H2 200 foundation.min.js Show response
cdn.jsdelivr.net/npm/foundation-sites@6.6.3/dist/js/ 178 KB
38 KB 36ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/foundation-sites@6.6.3/dist/js/foundation.min.js

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51177ce27c9440f635c6bfef9bd3aab0b52a97d5bc8540e2e3a9ad8f4c46f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.the-journal.com/
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2359076
x-jsd-version: 6.6.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2c73d-pLjSDYklCYoc1Mafcq5YwhfHQJY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b2722979d6d5c0e-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d872f0ea2bb502905b7e23ce35f353acbf8b65ac75cef021b4872ab444e68c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.the-journal.com/
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LR5rSeN1sAnKfreWEf/4rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Ma7kTg2JkAyePnSmQ5CaHHBrMfyA+5AztMnmYqgAcgr2yfeidYNGgz1P6vodDsnGCCDFZbL2pgmTBUwg7lmi1w==
x-fb-trip-id: 2050670934
x-fb-content-md5: 20c4dd0a6ed3a6bc911441267f583c5c
x-frame-options: DENY
date: Tue, 23 Nov 2021 02:58:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d01e3611fe544eae578ea8e8b83aa0cb"
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:06:04 GMT

GET
H2 200 clear-night.png
www.the-journal.com/wp-content/themes/durango/images/weather-icons/ 34 KB
34 KB 10ms
10ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/weather-icons/clear-night.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 8fd5b20477b840eea6c67b3ed1840d37eba58327ed5652a6ce60f5c3c11e9d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-88b8"
content-type: image/png
x-iinfo: 5-51472234-0 0CNN RT(1637636298887 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1993, public
content-length: 35000
expires: Tue, 23 Nov 2021 03:31:31 GMT

GET
H2 200 clear-day.png
www.the-journal.com/wp-content/themes/durango/images/weather-icons/ 35 KB
35 KB 9ms
9ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/weather-icons/clear-day.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 4593176c4d7a1f1b74080f576e151f52aebc5b2fe9f4c9c2c884f77a4a0b0115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-8a84"
content-type: image/png
x-iinfo: 5-51472236-51471219 2CNN RT(1637636298896 0) q(0 0 0 -1) r(0 0) U19
cache-control: max-age=59263, public
content-length: 35460
expires: Tue, 23 Nov 2021 19:26:02 GMT

GET
H2 200 rain.png
www.the-journal.com/wp-content/themes/durango/images/weather-icons/ 40 KB
40 KB 9ms
9ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/weather-icons/rain.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 6ee100f4e088e1b9934b3a17565155185435d4420824d260c48d5eb99ebb8312

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-9ff2"
content-type: image/png
x-iinfo: 5-51472241-51466389 2CNN RT(1637636298907 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=22361, public
content-length: 40946
expires: Tue, 23 Nov 2021 09:10:59 GMT

GET
H2 200 top-bar-logo.png
www.the-journal.com/wp-content/themes/durango/images/thejournal/ 25 KB
25 KB 8ms
8ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/thejournal/top-bar-logo.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e5b7f18cc4c5713c6fc95da71e3b22bf0a3ad4d66ce0df9781b0bc2a3f1b924b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-6459"
content-type: image/png
x-iinfo: 5-51472242-0 0CNN RT(1637636298917 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24394, public
content-length: 25689
expires: Tue, 23 Nov 2021 09:44:52 GMT

GET
H2 200 default_logo.png
www.the-journal.com/wp-content/themes/durango/images/thejournal/ 28 KB
28 KB 9ms
9ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/thejournal/default_logo.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e2c590879e4cab6b4157a626582df9f06614ebfbddf7f92212a4836f07b96e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-6e1f"
content-type: image/png
x-iinfo: 5-51472243-51468184 2CNN RT(1637636298927 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=24664, public
content-length: 28191
expires: Tue, 23 Nov 2021 09:49:22 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 41 KB
41 KB 496ms
463ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=04602FD9-541F-4D95-8DFD-9E0AB4979A8D&function=hardcrop&type=primary&source=false&width=800
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c9614f5ea459a09a2b65080d3b9de02e4414654dd721ced016d0f5450a44c6f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 02:58:20 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 02:58:20 +0000
server: nginx
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: 9ge7btV6_UpuM2z3KvdX1jJ-AHk4Osbu4goYmInRUgRASHPKiCTzeg==
expires: Sun, 22 May 2022 02:58:20 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 34 KB
34 KB 458ms
458ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=877890e6-a74c-58fb-9b41-cf34dd8c734f&type=preview&function=cropresize&width=600&height=400&crop_w=0.88875&crop_h=0.99999&x=0.00625&y=0
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: a953dd944057bd91c8fa466e6ed217f668be389693ef8d4834a4384daf6b063f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 02:58:20 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 02:58:20 +0000
server: nginx
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: CIY0ibcbV3j_sz_51DfT1YWu8g34DKflVLBMTBBZtFNuZ6UZijbqkg==
expires: Sun, 22 May 2022 02:58:20 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 48 KB
48 KB 18ms
10ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=7AFAB1A5-5E38-4331-A5DB-8E4F2E6926DC&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e51e3aad2cadfc06bb7915a170351cbc6db133089a5c510a61f1d88a6d148c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Nov 2021 20:42:12 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 20:42:12 +0000
server: nginx
age: 22568
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6akfPBvinkXlecl3hVwckm0wx_qoO-fl2hONufJebgLTPJV8UHngdQ==
expires: Sat, 21 May 2022 20:42:12 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 33 KB
34 KB 461ms
452ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=494b8a1f-66b1-59f7-a279-e31a2221ffc8&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 97dd3e71f8c61a3983980058ca06e148de55c2dd15df4a22579c2baa797911d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 02:58:20 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 02:58:20 +0000
server: nginx
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: h6w2UeeKrFZDCqt8HIOPn099NySagH_RyyG58skdwcYCkJnKevjs9g==
expires: Sun, 22 May 2022 02:58:20 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 55 KB
55 KB 25ms
17ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=1a7db0ea-ed81-5757-9f86-8d74d6ddfe81&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 2d7ff45a750555d253670331bad2ce688d93b626507e99a16c8e292d746645c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Nov 2021 16:41:38 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 16:41:38 +0000
server: nginx
age: 123402
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: sBXi_m9eE8M_5PfTF0bQxlUBMkXWFNYT4fVRqEv9L1wmWxIJ3n0Eiw==
expires: Fri, 20 May 2022 16:41:38 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 26 KB
26 KB 25ms
16ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=A95C1E71-6682-426A-AA92-EE22617FA1FE&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 8009951f2c5ff03d4f6ba32de70ca4671df3d8ec258bcd7f4a81fd767eadee6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Nov 2021 02:14:57 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 02:14:57 +0000
server: nginx
age: 89003
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g8AK2r4vw7OkoKdqBmKbDJCicivc9hZaq3fH1QciD4FWdVvwXN-jBg==
expires: Sat, 21 May 2022 02:14:57 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 28 KB
29 KB 37ms
29ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=cc006f47-57a7-508f-bdff-d171de2177ee&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 009fcda715f482efc75b408f44e22fdaed1ee31318b5877fea89d36effa5e75d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Nov 2021 14:17:03 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 14:17:03 +0000
server: nginx
age: 132077
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zo-Pl9tntvrR_zfuEt1tmdK6uL1jmmDkbyezS3I23jERfy9NGK0Fcg==
expires: Fri, 20 May 2022 14:17:03 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 25 KB
25 KB 39ms
31ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=74BDD00E-87B2-4BEA-AF17-834434303928&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 862ee1980493ba1eee6e287f952d3fd82610d0bd353f71ad25efe95251433de3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Nov 2021 02:02:34 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 02:02:34 +0000
server: nginx
age: 176146
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IjltHK1h6G6GZxrawT3VQQEvHaKgmmYRlVlgYhKxaVup3re9DRT5Qw==
expires: Fri, 20 May 2022 02:02:34 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 54 KB
54 KB 58ms
50ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=f0697f39-289b-5bc3-875f-16d103a7ff2c&type=preview&function=cropresize&width=600&height=400&crop_w=0.77375&crop_h=0.99999&x=0.16875&y=0
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 3bdf9327e35b1e35aca06c108aef9209415d4d204b867abfb85d55a9618a6399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 20 Nov 2021 20:27:05 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 20 Nov 2021 20:27:05 +0000
server: nginx
age: 196275
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Bd7PSEkaAEUCsz4EhImRugnnFDCR-0tOtN1qOCQzQEAgFryoJCWfXQ==
expires: Thu, 19 May 2022 20:27:05 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 35 KB
35 KB 33ms
26ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=7733037a-32f0-52e7-b5bb-9e2041feba1c&type=preview&function=cropresize&width=600&height=400&crop_w=0.75125&crop_h=0.99999&x=0.07625&y=0
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 23b4e946dddf92269d0882610014d48217ad0d1b3912fc80c17ddefb69323a37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 20 Nov 2021 10:21:35 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 20 Nov 2021 10:21:35 +0000
server: nginx
age: 232605
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ch5tklcLd-S-p7fmewxeTwQY1V4ibnrO-85oSaREyT_jJqq6gldoAw==
expires: Thu, 19 May 2022 10:21:35 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 41 KB
41 KB 35ms
27ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=80692dfd-0455-53e7-a4cd-366e3f19be4b&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 426c120ab0c396ef1af52e22fef905e7aef7d8c87a92bba6e7ef86d67991644f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 20 Nov 2021 10:21:35 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 20 Nov 2021 10:21:35 +0000
server: nginx
age: 232605
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -ylNjXA7SHv1T2q4ywFWlfdUaDIMTvnTiYUXKIAfPyT_ZIYLFAinlg==
expires: Thu, 19 May 2022 10:21:35 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 25 KB
26 KB 58ms
50ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=22673889-ec53-5a48-9794-91ac0da9344b&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: de765e9d0f6f9a818c07d0fe0724bae4394ed6e203004320777abae9038e56d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 20 Nov 2021 03:14:53 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 20 Nov 2021 03:14:53 +0000
server: nginx
age: 258207
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fxSmsOXOq93t9e-cKnn8-rZdHM6THqLy2RJ1Eua3ctEASE6MpGufWw==
expires: Thu, 19 May 2022 03:14:53 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 17 KB
18 KB 37ms
30ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=683991f6-32cc-59dd-8c5b-221648204c0d&type=preview&function=cropresize&width=600&height=400&crop_w=0.99999&crop_h=0.7731958762886598&x=0&y=0.05798969072164949
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e686e4911f62a21a1fa7309f439bef7e3652e326e3b965c57152bfb3d23cd152

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Nov 2021 22:37:21 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Fri, 19 Nov 2021 22:37:21 +0000
server: nginx
age: 274859
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JzKDiMTWBFdiX-56g2lZj2XNQQ8cr9SDLlXMQ3R4OMA3ZZBSYfk0eg==
expires: Wed, 18 May 2022 22:37:21 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 29 KB
30 KB 57ms
49ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=6db12a8b-1437-5023-adc4-5734d36197b3&function=thumbnail&type=preview&source=false&width=420&height=235
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: d4c534ad98f69f04176770bc17c4920ef79209915dd1b354721189466f07c7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Nov 2021 20:42:12 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 20:42:12 +0000
server: nginx
age: 22568
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IfshwZBDUSKb0pPZX97Evz6v0G2e2-UdTKyF3e4zEBs_nhC-CDR2sQ==
expires: Sat, 21 May 2022 20:42:12 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 21 KB
21 KB 71ms
64ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=0c680ae3-6170-55f8-96b4-2e4abdedf978&type=preview&function=cropresize&width=420&height=235&crop_w=0.99999&crop_h=0.8395522388059702&x=0&y=0.08022388059701492
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 9b7e2e7673fcfed5d99583872b35c8fff6d45421b2cce8959a54fd081a810e90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 01:23:41 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 01:23:41 +0000
server: nginx
age: 5679
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: W8Gl4JhvqRygoYavkhRmltyuqRPoF2Gr-6sBX-BhMqw-d1RBYFdySw==
expires: Sun, 22 May 2022 01:23:41 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 204 KB
204 KB 57ms
50ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=73834a96-7390-5b1b-af80-b9b5f1ee77bc&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 57f37afbc85e2a39d505348f44ef4951182a7274c18469fc060a5d85d9f2cfd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Nov 2021 14:17:03 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 14:17:03 +0000
server: nginx
age: 132077
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rw8MqSQ5io5MnZZpCh1DVsKhfNIAW8GtE0IbTjcPfsL2A0BgxbI_lw==
expires: Fri, 20 May 2022 14:17:03 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 105 KB
106 KB 44ms
38ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=e8aac628-dba8-5e85-9337-a9f24115f7f9&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 82b427bd741c66ade5e0da938059a1abbb69eaea64d44d9a83c578d1b5a1fe68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 02 Nov 2021 00:42:28 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Tue, 02 Nov 2021 00:42:28 +0000
server: nginx
age: 1822552
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TQ4v9euiejkH1gokRNlcBl73-7ArCG8sHwo5sS85jCI9FrZh0T6vhg==
expires: Sun, 01 May 2022 00:42:28 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 239 KB
239 KB 38ms
31ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=36d87cb5-c59b-5445-8aad-f6db04c3e0e2&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e8fd44b2959e174108d7f740a61723af1e3078710547b3e33f2e1892349afd12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Oct 2021 23:09:30 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 24 Oct 2021 23:09:30 +0000
server: nginx
age: 2519330
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fxGAOqiwmLsV1G-lH6B_C9iZIBzefr6TMCAvJ_MHoeiaMYM_JWK7Ng==
expires: Fri, 22 Apr 2022 23:09:30 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 107 KB
108 KB 43ms
36ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=6533da6e-7802-57f5-9b15-a774ecf24157&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 37db078c2b23556af31ce07da48feb4cd46ff18d886f9460507e384489f9617a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Oct 2021 01:31:00 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Wed, 13 Oct 2021 01:30:54 +0000
server: nginx
age: 3547640
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cMjI33y2jYX2F9fOe-QPWkGZQdFPVBrLPXne_yZxybhLKxrLk_E3iA==
expires: Mon, 11 Apr 2022 01:30:54 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 359 KB
360 KB 45ms
39ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=48b1ae3d-f304-584a-bd67-9b98364b31c8&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: f77461e0aec0426f4f2cb822c480575e3185d9faa8eb7bf39c9022d98d79de27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Nov 2021 14:17:03 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 14:17:03 +0000
server: nginx
age: 132077
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RCByWW0QWMRvrwJlELDZaIufKcmtBBr3LeeZtTp9BFax2BbzDZy10w==
expires: Fri, 20 May 2022 14:17:03 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 208 KB
209 KB 51ms
45ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=45136460-01ae-5375-bc8f-53226e094634&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 63b04a2c7bb9875846ca4d385f339d1253a5623fba405014b64e0d7fbd361785

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Nov 2021 14:17:03 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sun, 21 Nov 2021 14:17:03 +0000
server: nginx
age: 132077
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Gm0ELOGDVAyZGayl9CPHaln_VyUHgwAuY0T_w9O0ijdmJYrQUXEbig==
expires: Fri, 20 May 2022 14:17:03 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 138 KB
138 KB 55ms
49ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=62242cc2-e4cf-5ed1-8d8a-79741b825b1d&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 0a82cca628e64d47282eaf4006e75db5587bcdf6141653668d1de2f61bc116c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Oct 2021 19:36:37 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 19:36:37 +0000
server: nginx
age: 3914503
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gL4lbPP9Yfq3K3TF3CNllkUZ3vUhr74tWjMpNE4uXjwVEo9UHCl49w==
expires: Wed, 06 Apr 2022 19:36:37 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 41 KB
41 KB 53ms
48ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=9262608b-c80d-55e6-85f6-373579364b63&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 19dd72117fdacd7283996ce3b5c14bf3a721548efbe48206869c1b606724e7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 02 Oct 2021 06:38:51 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 02 Oct 2021 06:38:51 +0000
server: nginx
age: 4479569
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4z07r7ucX0HppFK-X8zkIZJ6O5Ri5_iIpEha57m7zNZhmV5sWVlAmg==
expires: Thu, 31 Mar 2022 06:38:51 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 81 KB
81 KB 54ms
48ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=B38019A7-CE03-459C-800E-A19D38798160&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: aaf36a080972aec70025f6558f218a57a74770aa06d5f0152e29902799852f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 01 Oct 2021 21:45:47 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Fri, 01 Oct 2021 21:45:47 +0000
server: nginx
age: 4511552
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: z8CNSSJIV6uwwW064HGBsV7Ah8Og_En3LeVWhIZAbyZfKp6M_9Z6vg==
expires: Wed, 30 Mar 2022 21:45:47 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 19 KB
19 KB 56ms
50ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=494b8a1f-66b1-59f7-a279-e31a2221ffc8&function=thumbnail&type=preview&source=false&width=420&height=235
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 1d08e25f9ad9e53b29abe11ceabca06fbeabae92b50fa8804d271c634388f4d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Nov 2021 20:42:12 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 20:42:12 +0000
server: nginx
age: 22568
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: r6ifraegXA_wupO2MfI2RT7zFy77HCDw23wymD1AC2gpkcJIWejJXQ==
expires: Sat, 21 May 2022 20:42:12 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 16 KB
17 KB 72ms
66ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=6ED4D34F-364C-4BFE-9ECC-B62A4213A91A&function=thumbnail&type=preview&source=false&width=420&height=235
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 0331289ba029f03ffbc91d9c576516a11c4f31ff41ddfbe7994760bc5d3f8a87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 02:24:57 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 02:24:57 +0000
server: nginx
age: 2003
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -T7xDfOxP-37N3b-OrNUvUukRCu2cC6PoBadJ5OJakqCDNbp_znNRg==
expires: Sun, 22 May 2022 02:24:57 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 28 KB
28 KB 54ms
49ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=566d7d29-366c-597e-a863-46cdc7dd45ec&function=thumbnail&type=preview&source=false&width=420&height=235
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 82d70a285c90981bfc4edc917670773e26a116c506614dfa09138c490e82f1d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Thu, 11 Nov 2021 12:06:46 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 12:06:46 +0000
server: nginx
age: 1003894
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DlkYUlu_9We5cQnQzIWLEk1EfWf3nFphEJI0v9ssrP8JEvw4Lc7e1Q==
expires: Tue, 10 May 2022 12:06:46 GMT

GET
H2 200 default_staff_image_jor.png
www.the-journal.com/wp-content/themes/durango/images/ 1 KB
1 KB 24ms
19ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/default_staff_image_jor.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c409f2c6ab78e881bfb9d94ea857a804a3276752f35292fab291d41f99955c9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-4cb"
content-type: image/png
x-iinfo: 5-51472256-51468184 2CNN RT(1637636299098 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=24663, public
content-length: 1227
expires: Tue, 23 Nov 2021 09:49:22 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 5 KB
5 KB 49ms
44ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=42c9dc74-6111-5009-8cbd-2e88aed2654b&function=hardcrop&type=preview&source=false&width=256&height=256
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 4c455bea320762101c4326efa9349b83630e7fa88e88061d35a550f776b690ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 09 Oct 2021 12:07:30 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 09 Oct 2021 12:07:30 +0000
server: nginx
age: 3855049
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vHy2LGJULqKh90kgKJgvXeWMy5MgpLlm1kWUNaaTnUCqQWyiyiTBFQ==
expires: Thu, 07 Apr 2022 12:07:30 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 7 KB
7 KB 55ms
50ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=bade7b3f-6961-5feb-8139-3e19542b1f04&function=hardcrop&type=preview&source=false&width=256&height=256
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: e1e7e64c14b5f10e4c1b223e45d0acaed3a02dc91c59fc515a0c29568ab1642b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Sat, 09 Oct 2021 10:51:36 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Sat, 09 Oct 2021 10:51:36 +0000
server: nginx
age: 3859604
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5SAaFG0Uo1dhr_kGqfzSp2lZU1NQFS85WszSubNZMnY2P7jI66SZfA==
expires: Thu, 07 Apr 2022 10:51:36 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 17 KB
17 KB 54ms
49ms Image
image/jpeg 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=5c477275-8979-584f-8b09-59d556c453d1&function=thumbnail&type=preview&source=false&width=420&height=235
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-88.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 6d919891d72f5aaa69138f77e4d7806023a3ce7f0bc0aed99efe6cc5ea73d904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Wed, 10 Nov 2021 11:10:05 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Wed, 10 Nov 2021 11:10:05 +0000
server: nginx
age: 1093695
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vDfAwF8IgFuL1XHDqC3fGOlkFthIFFPH99FXKblGkvZQ_PopWG5BtQ==
expires: Mon, 09 May 2022 11:10:05 GMT

GET
H/1.1 200
OK /
thejournal-co.newsmemory.com/ 39 KB
39 KB 533ms
182ms Image
image/png 50.17.180.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thejournal-co.newsmemory.com/?getprima
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-180-6.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3fec1a86dd11a9d06023bd9603d5fef8893d7f425b331a50195b11ed0bb7d3bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 02:58:20 GMT
Cache-Control: max-age=900,s-maxage=900
Expires: Tue, 23 Nov 2021 03:13:20 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 best-of-cortez-2021.png
static.ew.dur.navigacloud.com/wp-content/uploads/sites/4/2021/10/06040736/ 364 KB
365 KB 56ms
17ms Image
image/png 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ew.dur.navigacloud.com/wp-content/uploads/sites/4/2021/10/06040736/best-of-cortez-2021.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-6.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 276ab9be8edd6e881ff5cfab7e41c33c56d68c876ae1d94fdf5c6d58557f896b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:39:52 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 16:07:37 GMT
server: AmazonS3
age: 4094309
etag: "07a3a61445bacb9fec0180c12a4fc768"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 372630
x-amz-cf-id: FE8NUQ2emC-8xd0l4iT7AYjDj8neTL0rKGtx7uKiwndMLGiizS6Cdg==
expires: Thu, 06 Oct 2022 16:07:36 GMT

GET
H2 200 default_footer-logo.png
www.the-journal.com/wp-content/themes/durango/images/thejournal/ 25 KB
25 KB 31ms
26ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/thejournal/default_footer-logo.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e5b7f18cc4c5713c6fc95da71e3b22bf0a3ad4d66ce0df9781b0bc2a3f1b924b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-6459"
content-type: image/png
x-iinfo: 5-51472257-51472258 2CNN RT(1637636299103 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=50444, public
content-length: 25689
expires: Tue, 23 Nov 2021 16:59:03 GMT

GET
H2 200 wpcf7-recaptcha-controls.js Show response
www.the-journal.com/wp-content/plugins/wpcf7-recaptcha/assets/js/ 1 KB
690 B 9ms
9ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.1
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: aaee4ac5d612c170282e07385908404a8a20b055da1e9242099106bde3227efc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 13:35:12 GMT
x-cdn: Imperva
etag: W/"61040010-77b"
content-type: application/javascript
x-iinfo: 5-51472181-0 0CNN RT(1637636298607 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21967091, public
content-length: 528
expires: Thu, 04 Aug 2022 08:56:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 912 B
993 B 78ms
56ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

098536009e162c6da10e1db372c4aa219a6e562b824becdc8a3abd016de82bbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 02:58:19 GMT

GET
H2 200 understrap.min.js Show response
www.the-journal.com/wp-content/themes/everyware-theme-base-1/js/ 69 KB
20 KB 9ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/everyware-theme-base-1/js/understrap.min.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 3f38c93344789f557b5aa27f3e0c7811f6f6958882cbd6a895cdd2005b8222e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 13:35:51 GMT
x-cdn: Imperva
etag: W/"61040037-11543"
content-type: application/javascript
x-iinfo: 5-51472201-0 0CNN RT(1637636298711 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21940963, public
content-length: 20699
expires: Thu, 04 Aug 2022 01:41:01 GMT

GET
H2 200 menus.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 4 KB
1 KB 8ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/menus.js?ver=20210428
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: dff91edeb3acaaa0588c9f24fa09e53657bfc83f1423e37332e55d32ff2f9f2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-12d3"
content-type: application/javascript
x-iinfo: 5-51472202-0 0CNN RT(1637636298724 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784036, public
content-length: 1064
expires: Sat, 17 Sep 2022 13:12:14 GMT

GET
H2 200 content.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 3 KB
1 KB 8ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/content.js?ver=20210414
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 4823802e5f10da631965c117490c7c9a3a1cbe87dde7590e09d9a07e53988e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-ce5"
content-type: application/javascript
x-iinfo: 5-51472204-0 0CNN RT(1637636298733 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784036, public
content-length: 988
expires: Sat, 17 Sep 2022 13:12:14 GMT

GET
H2 200 slick-theme.js Show response
www.the-journal.com/wp-content/themes/durango/slick/ 683 B
449 B 8ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/slick/slick-theme.js?ver=202109170822
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: d94f18e4a6c5b3f5cb7055c23757321077e461e2ecb5f117c9eeeda1a93435b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-444"
content-type: application/javascript
x-iinfo: 5-51472205-0 0CNN RT(1637636298743 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784036, public
content-length: 286
expires: Sat, 17 Sep 2022 13:12:14 GMT

GET
H2 200 body.js Show response
www.the-journal.com/wp-content/themes/durango/assets/js/ 70 KB
21 KB 7ms
7ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/assets/js/body.js?ver=180a1769324805b8c8cb667663f14de812f1a95f
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 0169f0c4db4157dd94cb7398e456eaf46fce4f357d7ffb1ba74151639b3b8326

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 14:01:25 GMT
x-cdn: Imperva
etag: W/"617ff335-11a5c"
content-type: application/javascript
x-iinfo: 5-51472210-0 0CNN RT(1637636298752 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29847852, public
content-length: 20969
expires: Thu, 03 Nov 2022 14:02:30 GMT

GET
H2 200 slick.js Show response
www.the-journal.com/wp-content/themes/durango/slick/ 52 KB
11 KB 8ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/slick/slick.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 23fe36a9296ce39e4754d108a9662995a3d29c0239d2af8c171934033b548aaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-15b7b"
content-type: application/javascript
x-iinfo: 5-51472214-0 0CNN RT(1637636298762 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784037, public
content-length: 11380
expires: Sat, 17 Sep 2022 13:12:15 GMT

GET
H2 200 breaking.js Show response
www.the-journal.com/wp-content/themes/durango/js/ 103 B
204 B 8ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/js/breaking.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 03ad25e3fcb013ef61e8820c255ee7cf9eb8f50d2dd44dd4e860c82783c8a4ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: W/"61448e22-71"
content-type: application/javascript
x-iinfo: 5-51472217-0 0CNN RT(1637636298773 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784037, public
content-length: 109
expires: Sat, 17 Sep 2022 13:12:15 GMT

GET
H2 200 wp-embed.min.js Show response
www.the-journal.com/wp-includes/js/ 1 KB
873 B 8ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-includes/js/wp-embed.min.js?ver=4.9.4
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2016 13:38:33 GMT
x-cdn: Imperva
etag: W/"58359bd9-576"
content-type: application/javascript
x-iinfo: 5-51472219-0 0CNN RT(1637636298781 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21940963, public
content-length: 751
expires: Thu, 04 Aug 2022 01:41:01 GMT

GET
H2 200 _Incapsula_Resource Show response
www.the-journal.com/ 144 KB
20 KB 23ms
19ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=547724897
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 54af4ee6c289dcf9dbdd876bddb980c0213ed5e7938b16b46ef639418322fe26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20603
content-type: application/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 23ms
7ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ibr8mku&ht=tk&f=139.140.175.176.143.144.147.148.605.606.607.5550.5551.6335.14541.14542.14545.14548.15815.15818.25253.25254.28098.28099&a=15379666&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7033
date: Tue, 23 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Nov 2021 03:01:07 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 4 KB
2 KB 372ms
153ms Script
text/javascript 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.the-journal.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 7bcc8182c7665f2fa1267b3a3e4f062aea755ff48d5b306f2d0ab08ef3abc0cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1205
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1052 / 322 of 1000 / last-modified: 1637622309"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
81 KB 11ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c38382168896e48d65c0f4d89d007d34

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a9d9b0e23fc73ba768afbf2f278a7f0b62efc7e167dc7beabf3afe45feb02a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.the-journal.com/
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JTRtWCb1Wy+2yI3MmIvBHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82875
x-fb-rlafr: 0
x-fb-debug: tc7D9JEFix6oolneN1muty9wE4HX3pjwLeoICwxsSpzSE9clrTL5F36kvJCGrDH4AtXXWQEbZfSmgI5a84892Q==
x-fb-trip-id: 2050670934
x-fb-content-md5: c6564bfddaead3ff50de4e25927e110c
x-frame-options: DENY
date: Tue, 23 Nov 2021 02:58:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "201de1cac44e08c91771ff38bd811cc7"
timing-allow-origin: *
expires: Wed, 23 Nov 2022 02:46:04 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d872f0ea2bb502905b7e23ce35f353acbf8b65ac75cef021b4872ab444e68c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LR5rSeN1sAnKfreWEf/4rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Ma7kTg2JkAyePnSmQ5CaHHBrMfyA+5AztMnmYqgAcgr2yfeidYNGgz1P6vodDsnGCCDFZbL2pgmTBUwg7lmi1w==
x-fb-content-md5: 20c4dd0a6ed3a6bc911441267f583c5c
x-frame-options: DENY
date: Tue, 23 Nov 2021 02:58:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d01e3611fe544eae578ea8e8b83aa0cb"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 23 Nov 2021 03:06:04 GMT

GET
H2 200 PeAAwgoSllM
www.youtube.com/embed/ Frame 1E16 0
0 68ms
45ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/PeAAwgoSllM

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Nov 2021 02:58:20 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 343 KB
135 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.the-journal.com/
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137335
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 22 Nov 2022 16:55:10 GMT

GET
H2 200 gray-mp-background.png
www.the-journal.com/wp-content/themes/durango/images/ 17 KB
18 KB 14ms
13ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/images/gray-mp-background.png
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/wp-content/themes/durango/css/main.css?ver=202110211022
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: ee363146dba91bf2f44df03c63a6442a0f99e72d9b2d21224f3532f78b31223d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/wp-content/themes/durango/css/main.css?ver=202110211022
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-45e0"
content-type: image/png
x-iinfo: 5-51472260-51468184 2CNN RT(1637636299111 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=45446, public
content-length: 17888
expires: Tue, 23 Nov 2021 15:35:45 GMT

GET
H2 200 l
use.typekit.net/af/b54a97/000000000000000000017227/27/ 40 KB
40 KB 59ms
43ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b54a97/000000000000000000017227/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c01bf28d585ff45c8c49236f3964f6fc1ddc1d7a4fb0f493393079587d11de2

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx
etag: "056d29fea175b1851e314833b9af3fafd353bdaf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40460

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 27ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/1b21e4/000000000000000000017225/27/ 39 KB
39 KB 51ms
35ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1b21e4/000000000000000000017225/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b304d6f9d7ac625009fc0734b2f8df9c90ed3368ea51fbeec2851a83bd1c2545

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx
etag: "a8ccf2a4092ab7b4faee8149b36f34660d8df552"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40020

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 43ms
28ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/5d6ecf/0000000000000000000171b8/27/ 10 KB
10 KB 57ms
42ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d6ecf/0000000000000000000171b8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cad66c8e9c5ec897d4a2db6a0712510447f3c6c51e0c42776b7a230f969d679f

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx
etag: "bc3ca558790a46ad7469c4980e001589e3ebc433"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10148

GET
H2 200 slick.woff
www.the-journal.com/wp-content/themes/durango/slick/fonts/ 1 KB
1 KB 9ms
9ms Font
application/font-woff 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/durango/slick/fonts/slick.woff
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/wp-content/themes/durango/slick/slick-theme.css?ver=4.9.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://www.the-journal.com/wp-content/themes/durango/slick/slick-theme.css?ver=4.9.4
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
content-encoding: gzip
last-modified: Fri, 17 Sep 2021 12:46:26 GMT
x-cdn: Imperva
etag: "61448e22-564"
content-type: application/font-woff
x-iinfo: 5-51472261-0 0CNN RT(1637636299113 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=25784043, public
content-length: 1343
expires: Sat, 17 Sep 2022 13:12:22 GMT

GET
H2 200 fontawesome-webfont.woff2
www.the-journal.com/wp-content/themes/everyware-theme-base-1/fonts/ 75 KB
76 KB 203ms
203ms Font
application/octet-stream 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-journal.com/wp-content/themes/everyware-theme-base-1/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/wp-content/themes/everyware-theme-base-1/css/understrap.min.css?ver=4.9.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: imio /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.the-journal.com/wp-content/themes/everyware-theme-base-1/css/understrap.min.css?ver=4.9.4
Origin: https://www.the-journal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
via: 1.1 27767db8e5b5
x-cdn: Imperva
age: 1909
x-cache: HIT from 27767db8e5b5
x-iinfo: 5-51472262-51471994 PNNN RT(1637636299115 0) q(0 0 0 -1) r(2 2) U2
last-modified: Wed, 03 Nov 2021 13:59:31 GMT
server: imio
etag: "618295c3-12d68"
x-ratelimit-remaining: 998
warning: 110 27767db8e5b5 "Response is stale"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-ratelimit-reset: 1637636309
x-ratelimit-limit: 1000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:27:31 GMT

GET PeAAwgoSllM
www.youtube.com/embed/ Frame BD07 0
0

GET PeAAwgoSllM
www.youtube.com/embed/ Frame 77DD 0
0

GET
H3 200 PeAAwgoSllM Show response
www.youtube.com/embed/ Frame F15B 59 KB
24 KB 55ms
49ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/PeAAwgoSllM

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js?ver=3.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f3ab4e0db957122eadd953affc53c8c1cd6675ce2e7e6a9c801b82196d2ad0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Nov 2021 02:58:20 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 PeAAwgoSllM Show response
www.youtube.com/embed/ Frame 7F0F 59 KB
24 KB 53ms
53ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/PeAAwgoSllM

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js?ver=3.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b6bf618b2b840080277b4fb36fdd928f25391622d23243366c12a2c2ae03648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Nov 2021 02:58:20 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ajax-loader.gif
www.the-journal.com/wp-content/themes/durango/slick/ 4 KB
4 KB 9ms
8ms Image
image/gif 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/wp-content/themes/durango/slick/ajax-loader.gif
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/wp-content/themes/durango/slick/slick-theme.css?ver=4.9.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/wp-content/themes/durango/slick/slick-theme.css?ver=4.9.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:19 GMT
last-modified: Wed, 03 Nov 2021 13:58:49 GMT
x-cdn: Imperva
etag: "61829599-1052"
content-type: image/gif
x-iinfo: 5-51472291-51471219 2CNN RT(1637636299299 0) q(0 1 1 -1) r(1 1)
cache-control: max-age=55939, public
content-length: 4178
expires: Tue, 23 Nov 2021 18:30:38 GMT

GET
H2 200 _Incapsula_Resource
www.the-journal.com/ 1 B
35 B 7ms
6ms Image
text/plain 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-journal.com/_Incapsula_Resource?SWKMTFSR=1&e=0.623597482865506
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1361096988&t=pageview&_s=1&dl=https%3A%2F%2Fwww.the-journal.com%2F&ul=en-us&de=UTF-8&dt=The%20Journal%20%E2%80%93%20Breaking%20news%20and%20photos%20from%20Durango%2C%20Colorado&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1995017237&gjid=502837876&cid=2093938713.1637636300&tid=UA-34252140-2&_gid=599917211.1637636300&_r=1&_slc=1&cd2=home&cd8=false&cd11=false&z=1502758281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.the-journal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.the-journal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 44ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 144 B
746 B 36ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.the-journal.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b75b87bffe52ed94a10eed51cbb204b37fbb9b82244c5d0abdb5834128bfc9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0
expires: Tue, 23 Nov 2021 02:58:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 50ms
13ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34252140-2&cid=2093938713.1637636300&jid=1995017237&gjid=502837876&_gid=599917211.1637636300&_u=YEBAAEAAAAAAAC~&z=776925066

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.the-journal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 02:58:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.the-journal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/4c89207b/ Frame F15B 336 KB
46 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 22:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47193
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Nov 2022 22:09:57 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4c89207b/www-embed-player.vflset/ Frame F15B 214 KB
70 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71869
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Nov 2022 20:30:58 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame F15B 2 MB
522 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1cd6e7f884567157268a428a6e69ec79dc3d88857bb1cc03699e1441d9d1293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 534462
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:56:56 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/ Frame F15B 8 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Nov 2022 18:02:59 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/4c89207b/ Frame 7F0F 336 KB
46 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 22:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47193
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Nov 2022 22:09:57 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4c89207b/www-embed-player.vflset/ Frame 7F0F 214 KB
70 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71869
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Nov 2022 20:30:58 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame 7F0F 2 MB
522 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1cd6e7f884567157268a428a6e69ec79dc3d88857bb1cc03699e1441d9d1293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:56:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 534462
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:56:56 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/ Frame 7F0F 8 KB
3 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Nov 2022 18:02:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F15B 15 KB
16 KB 37ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 553899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 17:06:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7F0F 15 KB
15 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 553899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 17:06:41 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 86ms
6ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9543
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=22960
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 106ms
102ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=378141&ntv_pl=836551
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 108ms
104ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=adc87e24-6b13-4ded-b405-6d84329d4b5c&ntv_fl=CF4se3gYGjAPzQcMJoAeWVKtg-yjwkEmLFBLdxHPP5EVc8OeIRczsTFkSLs8mocTjbJ5otSVrBDXAolKIwsS7fOgMl6tA9VrDLxFdIh9qBMgmDGHbXZvN7zlAnNAJ_3hkO90RLvbJZWg9aMCrWlrYw==&ntv_ht=zFicYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAJxYQA&ord=1637636300489&ntv_it
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 107ms
103ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=46a68e83-b868-42c5-a94f-241b439bd64c&ntv_fl=CF4se3gYGjAPzQcMJoAeWSgYAW8PwzcMFnrzLhthVQUZY6kTt5wLgxenJAdo_K081O-aYKBAJdLkoSxUP_l4hAtKHQBV7FzWw_wb-wiaBqcDo6DaLnzlW6dmT3v_kZZPzDfGZ2namwg7MeFy4EHWng==&ntv_ht=zFicYQA&ntv_at=303&ntv_a=AAAAAAAAAAChYQA&ord=1637636300491&ntv_it
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 107ms
103ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=99f459f6-7b8c-43d3-a4fe-4e13d0d0ada0&ntv_fl=CF4se3gYGjAPzQcMJoAeWZXtnfVJxkmNFNHQrWtlMtvIq3DMhLKXuVKrqZpr9ULgioHJqBPBjv9IX45wS0UHdaJlXbaVEUc5Ri7bsbRB02Y__YMtxK-qrMVbJGM1nUrKyAzxHfYzT565nNhIAxLBSQ==&ntv_ht=zFicYQA&ntv_at=303&ntv_a=AAAAAAAAAAx8MMA&ord=1637636300492&ntv_it
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 108ms
104ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1054247&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.the-journal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.the-journal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
8 KB 210ms
195ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2934516666814178&correlator=2521872760834830&output=ldjh&impl=fifs&eid=21068031&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=3200696%2Ccj_1_weathersponsor_88x31%2Ccj_0_bestof_728x90_top%2Ccj_1_homepage_offpage%2Ccj_1_homepage_offpage_snow&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=88x31%7C168x28%2C728x90%2C1x1%2C1x1&ists=3&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1637636300&dt=1637636300554&dlt=1637636299411&idt=1109&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C299%2C-9&adys=-9%2C-9%2C340%2C-9&adks=3214336821%2C2897498493%2C1553230741%2C1252218301&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.the-journal.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C1002x0%7C0x-1&msz=0x-1%7C0x-1%7C1002x0%7C0x-1&ga_vid=2093938713.1637636300&ga_sid=1637636301&ga_hid=1361096988&ga_fc=true&fws=2%2C2%2C0%2C2&ohw=0%2C0%2C0%2C0&btvi=-1%7C-1%7C0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3a044d8c63fcaa389fe0e087f1049140e317b0ae7012e7b74665ca889c4fa50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8624
x-xss-protection: 0
google-lineitem-id: -2,5626954265,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138340464101,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.the-journal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
29 KB 316ms
302ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2934516666814178&correlator=2341691976470545&output=ldjh&impl=fifs&eid=21068031&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=3200696%2Ccj_1_homepage&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1637636300&dt=1637636300566&dlt=1637636299411&idt=1109&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C994%2C994%2C994&adys=683%2C1607%2C1702%2C2320&adks=2390553423%2C2450018737%2C2450018736%2C1819876656&ucis=5%7C6%7C7%7C8&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.the-journal.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1002x30%7C313x0%7C313x0%7C313x0&msz=1002x0%7C313x0%7C313x0%7C313x0&ga_vid=2093938713.1637636300&ga_sid=1637636301&ga_hid=1361096988&ga_fc=true&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

894c2f920e6c9a2b9ae7849796dd8adbe8e9857754f99ed6184d31d3994eda9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29192
x-xss-protection: 0
google-lineitem-id: 5626954265,-1,5831652420,5824474479
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340464101,-1,138371809853,138370203352
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.the-journal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E91F 6 KB
4 KB 65ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 02:58:20 GMT
expires: Wed, 23 Nov 2022 02:58:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 35ms
16ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34252140-2&cid=2093938713.1637636300&jid=1995017237&_u=YEBAAEAAAAAAAC~&z=1637370532

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34252140-2&cid=2093938713.1637636300&jid=1995017237&_u=YEBAAEAAAAAAAC~&z=1637370532

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F15B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

41ms
27ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff0843d51035fb3ccf9162d8fb95e5b57bf9d4cfae8b75d28ede0fcbddce0f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F15B 29 B
587 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:57:28 GMT
x-content-type-options: nosniff
age: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 03:12:28 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7F0F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
29ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99a04edd5498bdd844f2d9349d521b6148916e1c30c669e06a7dc538a26f7400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7F0F 29 B
54 B 21ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:57:28 GMT
x-content-type-options: nosniff
age: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 03:12:28 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame F15B 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7648e65bcb10e6ce8b89d4281cc1ff291d7858e3cffbd702d67b0f9ea6acb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29838
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:57:44 GMT

GET
H3 200 axIybeQdxw4RbI0uaxpPXcBGoAQIrvp7kySsSJR_Uaw.js Show response
www.google.com/js/th/ Frame F15B 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/axIybeQdxw4RbI0uaxpPXcBGoAQIrvp7kySsSJR_Uaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b12326de41dc70e116c8d2e6b1a4f5dc046a00408aefa7b9324ac48947f51ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 20:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 20:39:08 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame F15B 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e73619e9ecea219d864310fcb1cbd64bd35a35d03eb67619c629b1e3fc72050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7357
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:57:44 GMT

GET
DATA 200
OK truncated
/ Frame F15B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQ4B4gpLkVdCiErw5X1KUNfsGW221TUsDxPI2s1=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F15B 2 KB
2 KB 41ms
18ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQ4B4gpLkVdCiErw5X1KUNfsGW221TUsDxPI2s1=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bb094b7030fadd4fd872d58b62ed02e9589f91245cf5fde4a61fa552a1d437ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1536
x-xss-protection: 0
server: fife
etag: "v28"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 19:59:32 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/PeAAwgoSllM/ Frame F15B 15 KB
15 KB 39ms
16ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/PeAAwgoSllM/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5082755c64f16961712a00b54ab05be4e4d7ea342f26b50892c32229920494a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15168
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Nov 2021 04:58:20 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame 7F0F 94 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7648e65bcb10e6ce8b89d4281cc1ff291d7858e3cffbd702d67b0f9ea6acb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29838
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:57:44 GMT

GET
H3 200 axIybeQdxw4RbI0uaxpPXcBGoAQIrvp7kySsSJR_Uaw.js Show response
www.google.com/js/th/ Frame 7F0F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/axIybeQdxw4RbI0uaxpPXcBGoAQIrvp7kySsSJR_Uaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b12326de41dc70e116c8d2e6b1a4f5dc046a00408aefa7b9324ac48947f51ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 20:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Nov 2022 20:39:08 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/ Frame 7F0F 24 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e73619e9ecea219d864310fcb1cbd64bd35a35d03eb67619c629b1e3fc72050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 14:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7357
x-xss-protection: 0
last-modified: Sun, 21 Nov 2021 03:00:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Nov 2022 14:57:44 GMT

GET
DATA 200
OK truncated
/ Frame 7F0F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLQ4B4gpLkVdCiErw5X1KUNfsGW221TUsDxPI2s1=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7F0F 2 KB
2 KB 22ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQ4B4gpLkVdCiErw5X1KUNfsGW221TUsDxPI2s1=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bb094b7030fadd4fd872d58b62ed02e9589f91245cf5fde4a61fa552a1d437ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1536
x-xss-protection: 0
server: fife
etag: "v28"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 19:59:32 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/PeAAwgoSllM/ Frame 7F0F 15 KB
15 KB 22ms
7ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/PeAAwgoSllM/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5082755c64f16961712a00b54ab05be4e4d7ea342f26b50892c32229920494a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15168
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Nov 2021 04:58:20 GMT

GET
H2 200 9543 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
275 B 429ms
415ms Script
binary/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9543?t=20211023211
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 9S6mSj8Spm7ifrX_3906wqo7_s1ebU9w
last-modified: Sat, 09 Oct 2021 06:01:32 GMT
server: AmazonS3
x-amz-request-id: PYQ79H14846JEWHP
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: binary/octet-stream
date: Tue, 23 Nov 2021 02:58:21 GMT
accept-ranges: bytes
content-length: 0
x-amz-id-2: YiGdIsLmw5Vm0HMmU920aVwcDecAvGH8pa4lOTd20SraVNuSBGtsS9CqIAZxmOhWETj6xo5MLbo=

GET
H3 200 container.html Show response
f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9575 6 KB
3 KB 28ms
10ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 02:58:20 GMT
expires: Wed, 23 Nov 2022 02:58:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 57BD 6 KB
3 KB 27ms
10ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 02:58:20 GMT
expires: Wed, 23 Nov 2022 02:58:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4C7D 0
0 48ms
48ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2L5WJPW2sshIVqZDyRRj4MhueN6l_Lcz8WxWbW4elxXI94VhIt3oLm2qcWe1z-lVvDynx88vIOLtO-nHQwPjcAEFG_A-_uR1k_Om1MMS97Is0F59KvAxDZZIQ4yJlztnIH9CopqcdHGM4DH6CaOhUBgmA8YTUfQQIJwiiegv0hfsLTlkcUdG7FTIPHakXMM7kqQZhsMYjRL6jGGUF6O9uWoLSoX7oXls6_2cq0tpsYlYd-C5-WfR1nSj8MTgKTOVdAsVtpXfFYw6O8YzFcpF-44hdo3XxFXgL-9FO3MGGxpyZF0uM_De47NxG4Xo9eos&sai=AMfl-YRDFJ3bgJv2eJfb_owf5-G-DxQhUAi3kusHPRZuRauegWGIUJXA3QMJIevUKlv99h0SV2rlXAjSbB0vF_YoF0WftUTVP8jaxIWHX-fpDbOQ4GcVe8Lfhrr52v-QJsA&sig=Cg0ArKJSzKKU-SLGx-uIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 4C7D 19 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:30:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4C7D 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:46:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C7D 119 KB
36 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H2 200 83510607788571506
tpc.googlesyndication.com/simgad/ Frame 4C7D 109 KB
110 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/83510607788571506

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f03812c4d51c2cd26cd248c6e6ff7b3dbcb673b23e6a71c4f31dc991f704ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 03:52:16 GMT
x-content-type-options: nosniff
age: 169564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111897
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 03:56:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 21 Nov 2022 03:52:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B646 0
0 46ms
45ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXPYD5szKK0-IgIc4w5MHLoF88yUifF2oIEuD8_GhpuqA_3Ozi3p_chk5dV08SAhN_bn7p1bcBVv9hsQpQLu2N8Oseg4m9HHY2r9WQS8KPHvvNUh1uJ1XNIuJeVa_JZ8RJkXbCO0eX75tzex5ExH3STWb_ddhP7KmaTdvljNwW_JP_ArGp2blI-wFwl1aW2sW9e7WAyDVQ5shX3BEzfX-WtAIUO4U7tGOYwaKVm5I3RutvfbZlpSsP8J2YAXscLeQTWR_6R4g7RYbA5UVBIBtw-qEtDT_kpSWnsttq8tr2daCM01zPNC3N6_yzkCY&sai=AMfl-YSv9EhVaFbKfmUqJ9NfqYlefJxm-9JE6rGdhvllpBiiq2qx3ZpK_o8oLAgCl_TJDWIOI867WFLURbLDVYQUH-xnSL_05TmJXicyHpD6T-xQd28neCf9n_ul-WHj9sU&sig=Cg0ArKJSzJMxUMeywzLbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B646 19 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:30:06 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B646 2 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:46:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B646 119 KB
36 KB 44ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B646 0
0 18ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFZ4y1fJC9rP7bupWIfcugDdFBKz0Vb403vkcQAl621yJlS1mHENaqgfj0lZZzZZFtkwfha7Ib9GNX8HW2vpBi4j0vEw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 16991943742766662669
tpc.googlesyndication.com/simgad/ Frame B646 104 KB
104 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16991943742766662669

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7544e6bad60e8b097c310ac807a879448b450e1ed11da9110975ce6c6d9875cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:39:53 GMT
x-content-type-options: nosniff
age: 544707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106801
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 23:05:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 19:39:53 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F15B 4 KB
2 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:58:20 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame F15B 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?OYpJ_g
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7F0F 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 7F0F 0
9 B 12ms
10ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?oIzUsg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/PeAAwgoSllM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame F15B 52 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 23 Nov 2021 16:48:02 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 7F0F 52 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 16:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 23 Nov 2021 16:48:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B646 0
0 60ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1hCoJp9kFb2_-xk-PbgqtDMuPs01G4WjvMoC-apvcexReZO2pWs-EoI9vdFg4xsmS2UaZqK3RH6dkzLyjvMImDz4BB7O7ejAqILL9Zm7hmZtU31jP36mCeyRUCelkWbHX84nL3DmCx2pWq6YerghWJyq7qxc-oijru4PUqbblbSyZS_PJcqUNwad-MYue_Z7EdxUM1_RaRh8F2IFr0zvaQtxUsutWzMHRonNvqR2JkYJ74ckMcpFDIKf_7Z_X2sDLqFO6BOwc4Y7Mj3bgtWau4Yxs7yD0KhuEJIh4wjIKls7M12Ywx3CEBkpiWuC41Q&sai=AMfl-YRx6WU1lS_bJccpKvb2xE_kUrn7TUDufSTObE_WfgOP2EIoIh2M5fAIa752yGkc3_cTqM2lcAMfdgkgD_h1n_6-IkzqLXHEIbJBprvtZ4v02GvB6kth_btBHuZtKDI&sig=Cg0ArKJSzKD8MLK8RJJpEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
DATA 200
OK truncated
/ Frame B646 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc3fc597bfa7a2905a9bba036b716d136442312ecdd6abb73cd294b6d725639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4C7D 0
0 49ms
49ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6p-x_VcVw104Y28PS4Z1uTminQ4WHX5amCmypPa4Pk1OYgbU8xmkXvzvc26FthkqGmkKXSBErBUdck4HrO0V1AAyTqnD56FcWj-Wa9VFzedNUVAa5m7cbq-O7MYEDU-M2jGmv3IB4oZ1mgsNu8N08xKkrkz908f5dRbt9eHZZyu2ZjjoxOjcQ2b7X7avVQGUFJfvpHDRsMDe4dpyVBIMVIprnNY-XJPM-ijO94lIRILT-Iq5iPEcf8oOF0OQkHlpuegHLDb46iGQCx6Ktp0kOAsvd3zIvbd3ML1dsgx0lcwJew5wac7YixJRHM-H90ZQaSg&sai=AMfl-YQM6NQWkJi-tInzs-CJp-1DArSBmnGQvoUkLdQQ6PgKObPNbX8amBnaMov5-jroWmt1R0id4Nr3JepRjSwAEfEdK8XFwP-7J2ZMAgPvOyEuTSbUpzarhnI1yFsn4iY&sig=Cg0ArKJSzHcWe80pNqTvEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
DATA 200
OK truncated
/ Frame 4C7D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bd2a0d6641bf94f2a783f274d17e3c382aa0f39cb43520e247300a434c43128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5B0F 624 B
297 B 20ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahi5t_u4ATAB&v=APEucNUTWZ25sFX-H4MuUMbGGll8aroZxVKYxTHC5M-WZN1BXy1eD5oLaX3orQYpeWU3bT5mhQC2m36nLW6IMqMu8CxhNJuhLSoDjxx_AiA0fLQJZd0vcDEvNHtKCVgyXkF35StNn3-Gh8Mdd2yXbkdJTjhcNbY3E_LnjFEqvTrvPZ-jGQ940WY

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 02:58:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 57BD 25 KB
15 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2MGL6ByhQoLMfamxTmX6d24YDF3bJmvUmqIRySH8AqmMUwaUXy9iTuSSbjNcJmCjnPO5lQQFX11g6GosTWosfDpEPjFCxYpvAf5_qnJTKZppLGU-Vkhk6W4TClJty2-zYVdXUfwWQRcrHhwZ90t30CrQnDA&cry=1&dbm_d=AKAmf-D1GbKLjgitWXvnVrP9uxz7OK7i5ih2w-CIHrIk9CEJYTyMj1AR-EmxXzj6-rL5LD-_EjCGfY7wg-QucepMtjTTpdtKxw3aQQe8SISSabVkyTsI4NwowG2ccg2CxMbA-d9CzXVwqXXGi49lnNM87QKRFnN3s4fU3g4dVKF8f5WlfT52L0QGsx9-plw1JUyBKuAc-AUvP_IjZyFzOmJM1t9VQCrRCRjUfj9a67EQ_T2BtBteMMVTw4xda5yoCzr4jmgJIrb9j1QNCcf8B5DRELNj7UevXnB0xpaufdgSYqDJcgK1fR9IbL9j5tjK9Wjp6LC_MKe9S2h2SUk1ITF4qiwDS3en2j8BpfBA0CAFxQ0Xw1UQC7FKv2-1alrsiE3YL9nqFpJEiCivJQCXyUDMdUpFvStAzQjmVkYaKMjPZ62IGdufkIGGGeppfK0gZgJ0-Hl_KTYbZ5JaOW0xggkhb-jtyjgphjE-gAuCK-mZiYXOVNFc5b9Q-YqE3KIQmDM8_p8Kr1nYn-Gs0pwQEMqCtCHYmi2biBDKgRF4d-1gDV5UPUOyPsycFQBFFeJunpHZXbM2FYKfVVoiXbuJw4ic7o2cnvfgHbWrCAN0j7JTwSNT0m7b1lANsNiSDYU5aOmWtUhxXnJhBfyRLXgQNe2RukUuNKEusENxeh8ws2Ohd2-ZT_wBs7tSe8kGjqJ8ozHPxk-M_RcLPcTYOeYrBEKQa_ipe82Z7HW977kgR-RNquj3KDN2aMXoXCAHcxX3kXfKGVOYun8QFEOBqnJ3nJB5F4aFr6wBl0RxRLhVTkOzsAJHWL5RuHh8QBfzP0u1nW3BWP24fJqF7CPdW5i2P-jf6Djg02_80fWvJCWZ1CQhEF7Uz_9DopKLd90v2GxFw4caveQUC59AoAY6_P-dbLh8jNhJDPour2b6zxVQvLUo2X5vH-FFlNNAYsWDFxGE2Mg9gXz5tCOoSQWNd-TEf4EFwwZylavTvkBQgRzBoMwtbipiC1O0wV1zioHL7a0EhNshw_7cw1_9K_ATxW4tn0pAXpb1GIDOJvdcgSeGzTu7hA9tfJnzqS2iwjP1m2AVO_W8RuRyzgGIP2dgpZv8RFutjc6jy378txKB2OQgWGZ0RALX_bm46OLLsvV5le8SHwuZMNBNhpi_o2QJHzhsl_xcwMB1LNCnMRMTWdoehC80FrcCjGb3sGXYy8-mvaFp7QOho5ir5l_oj7Hpr1M1jh9BBekYGdB0EbgJ9-jwYSYdZ2MXiO2WfIIZzVXfpUa0SWvryLtCW1WsWfZhXEzUEVum9G9m5J8EOtAY1181OT0QfK53zyGy1BJPipDZ6Ixhk07Oi9mxkx4ENWwbviUfVZj-mpA3V50qzwewDf4niraRCTbu-TifjzDd_m1WTppvCdUST76s--qylIIKWaVd6kuRh3yZv-0Xvbq6e6UyNjkLL4s0v6dsLDVC3kuerZkKp0HUqVPjOepdrckzJAgzP-jHbzw9s-rm2rC5JqTe16kgxg6sbt-Vy95GPZRxh1JmHEfdc75bjja7HYTzfS3O0QNcmCetAhd9BunPijIXAiiqHum6KgQpBeQ3XJo9It5Ob7_0BfRPtdzpvdNZlNigWsZLoUyO_FyEoOH5cm-uIIrGI4j13DmiocgBbMcoJs6f9CYKb_VJqmtkf3tPtKqXoOd4eQKZ9deLsg_t8BcYtK9E1mluR51b_j05iixsdkdMf7Mh0-waj-rqi6Cz2mboi0BR03qQz4tI8CgFGLlEXZkKyf1R0h9fjbZvmW1N13hr1EXL46NMmHIXL8QbJMPUKnhCM10tw181V1QHz7AuzSnVlMTGn9Pfl-0Sgu01QztYCLxZeVKwb7BGazsU8XV2I9VhlU-adRO9slAdVXGaEHcFrC3o7Ld08BKnYMsGM1MpoLaPGs6K0qbnICa5GtQkFXpMJdjmOPxNhaXlBVTkOF6n6F9fBHDXzDDLgML76CjTnCIISJogtClJAXQxNUZW90grXuiCTwAlPj690Tq0cz1dmjbmjYKtQnAARNkUkLvKz_L4R_FLOxpiufpxikxTJfrklz09gQY3l90BvNeEQE5rB28Lg4RCw-QbeYaNYJ9AWjN-Qoqreb11iji_Xco6xFPgVMs2lwUzKAy3cLuW9fy_LAjdqx3v-vcLqrM768ZJi9slawjqcJBqF1NwDYewQ4vR8rnLH2uAsEzoqzHDaAlMzWPrIGDl0c5BNpSDk6iQH4ZOy23-avhbcKW8CapG-z9VBhn06Oe7PETshKxxZQhC6Ariuucp_KHSy4d7zQo_z_7suoso9getftEtC0sDizRv6uE85jqg4S3gIljBdCfwPYMov10xxElYuXQL3ggHy7XpBpCndvhn_ZJlnLPKj55_QJyTc8bRWw9jc-Su2vjyLWhSIQJcMb1W6FXyV2DFsiy6JG31udG0VyjjHe1v9CMqlukbzqlPJlE36X4JayknFgB24Sf5XyWSqBWgV-YriIR-DoAHuNzkZy9hOK5dy2c_IXK5GTZJn-CjA3F3QknMpk8nzBP_e7J4AJFNm1DzOGjiZUXV8qQpsSCGtfYkzP65-R3PLfUhDcS-zMO4mgn0SYW3KX-xMfF-btlpmsnjTwtorXAtoO_MYrymTSXXs08GwdkqIkJbn9mgSc48mgkN9voicJ4I1z-aj_RFhsou5lHFwVjxV3D5r6smedZc0k-DP3wiRBrd1p5dotbpGGLNM51VIO1DbToR0DzDO6H0qpEFo1lq1OBv_mjDKtSWx-vYGZhScRhnTX0NGjs3JvQMlUdP8pDT2146383LaVQ7YA1dPPXp5b3JWfYhjw65Ktbzk7J7UTsfQveL6aBLDrCvFEbnPl8AnWsGvV9F4magNayPKtDlt7pf6BK8Ftj8KQV2oTsfmNtaP_kGfkFknVzGcSsOGH_BkRrelYmMYMkd3WHaVhZ12iWFycTDfi9lbnCu1ihcrBLklF0h6Id5DVWZZeVOYeyZJRAgA05eP65j7XjVnEXlrrgfubnNhutLEoSSrHnhj_5KbSqbSN6nilUuyhe9JzPwRJcMlm_9rUvWADEv2Pwq2Ln27RHQbNIofm3axUi1Qpdn1s8SAFdsGOmVXXo9kUTtb5RP3jKfrwtRz_XL12r8CG5yjUyrpTmkGzzUkdGEZN8t4MtWCczHV4GSQU5RPbZcK_rkVECd7VB7AXRVODAus28G3Gq4PAFf54DlKsqzJkong__LXyngSs3ct3Wwkxq4QYMilfhY61AcA8a6x5ZDsiBYrDDVP0UmESrQGSwuqW9ONoT1I3S8v_aCFgsxZWQwUKd11YMGx-70Jn-hppmwZmPO&cid=CAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw&rfl=1%2Chttps%253A%252F%252Fwww.the-journal.com%252F%240

Requested by

Host: www.the-journal.com
URL: https://www.the-journal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ff3ef368ab7be1a32fc8b6c1f1cf450cd6c556e6eb2306cbb5559dd699af38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57BD 42 B
173 B 68ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aq0ToyGvJfquQX059n3N1cUFV1AyWXG_sBybMRasL2hUGBP0zFX1GnCoHn2FEgTmig4xHCRCR-Bf_10pCU-XXxuRgzdLItp-WnUzzzzVg6D4L6GgU

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 57BD 32 KB
8 KB 55ms
14ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 57BD 3 KB
2 KB 56ms
16ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4699122&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CsvlXzFicYf6wJtON7_UPuZSfmAv57K_FZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq--NeH-P7iGuCSy8wehoIEkyokO403-T7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK_WuQph31jVV_bnjY_pkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel_aMJJNcOoxmQMN4UCt85gfy-agktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05-yCpeDv5h100yVIvg--xJnYPRnCkboD-jcogpDKCzSyKU6IAzhj8T7k1n9-Xn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE&ae=1&num=1&cid=CAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw&sig=AOD64_3Yl89uigt3Icz3uJvXzCk8f0Cs3g&client=ca-pub-4096035528202683&dbm_c=AKAmf-CiseqNqqZdBTMY_nMoiH3Jd5SdNWOmgctGL-QRs5kg-3H1mh3wxmD6aV4_crQzyUQebqwdCrnAh4jPdiq5ySPCBX4_r2zRltcWNMansE-ib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg&cry=1&dbm_d=AKAmf-BXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn-9yZ7NH3_i7mSj61AKGBa1qnlNCufh-3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl-fMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM-iT9xEjaHlAEBAg_2kDfx9NaCc1Wr6YF_L3A6jjMMQ_prErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt-Q2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i-jFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo-k5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri_pP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk_78ltz9FsbyVVet2cLZ-GFBho7pCvUGRIwW5tH7w1tQ&adurl=
Requested by: Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 33bbba013b4c658ed41f35ad6401fa99e16b14927c6d3fd514652b9dc0707dab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 03:58:21 +0100
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 57BD 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:46:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57BD 119 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 57BD 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:54:28 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9575 22 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 14:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Nov 2022 14:35:27 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9575 111 KB
40 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd10e3619ef25161603f7049de38ea28b712a390fdbd4bdfc5b93087dfd7a70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40086
x-xss-protection: 0
server: cafe
etag: 11247476434546925735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9575 119 KB
36 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9575 0
0 52ms
50ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4527uTT7E-rpQre41Gku9TqVTjsYbv9WxREAv-Rh4l66Kvfk1yzhsde1Y8nWpjSD_EA_qiiu_hiL6-ijlrPm_eVK7sMdCNmOgYHOpoFIQ68IgK4Me6J80xae8Yt471yYkwSIKELgQSfn-v4sDMI8ScDWK8sYUM1zhQ6U_w7yssHlmV0pePiIKH5ADYZtv_FgmLnExeRARWQuEF71FrOAwqK-Ow1RD0ldi9cyelGno29wLfNiCKJbXufvulxTix15vy-s6RxR8ADhi19-XppMWNbj_L6LYfYXXA_8JLQ572hbR49W7sGAZm16dOdeDS1azIbFkdQXhEVn0&sai=AMfl-YSnUUFUq5xCv03Oz6wnLDUKqZmMiLU6E8YDfnFROOMwtXd2DUM47KPhIPwpnkblziRPcHGx5fvzBsQES_8rMXgEmb8wZIYAfwLEh-IDwhTW9WNQqw-_FuyqI0W72MU&sig=Cg0ArKJSzIxy4u6l1aHPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5B0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1

43 B
1014 B

32ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahi5t_u4ATAB&v=APEucNUTWZ25sFX-H4MuUMbGGll8aroZxVKYxTHC5M-WZN1BXy1eD5oLaX3orQYpeWU3bT5mhQC2m36nLW6IMqMu8CxhNJuhLSoDjxx_AiA0fLQJZd0vcDEvNHtKCVgyXkF35StNn3-Gh8Mdd2yXbkdJTjhcNbY3E_LnjFEqvTrvPZ-jGQ940WY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 02:58:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 02:58:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5B0F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZxYzW7ibcNNJD6iwfLpOwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1

43 B
894 B

89ms
89ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahi5t_u4ATAB&v=APEucNUTWZ25sFX-H4MuUMbGGll8aroZxVKYxTHC5M-WZN1BXy1eD5oLaX3orQYpeWU3bT5mhQC2m36nLW6IMqMu8CxhNJuhLSoDjxx_AiA0fLQJZd0vcDEvNHtKCVgyXkF35StNn3-Gh8Mdd2yXbkdJTjhcNbY3E_LnjFEqvTrvPZ-jGQ940WY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 02:58:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 02:58:21 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-8x1Xj5FP02ZAMS-RDDDg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5B0F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDmn3RTaWljv8dHdrAQBXYU&google_cver=1

43 B
1004 B

37ms
17ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDmn3RTaWljv8dHdrAQBXYU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDiuNr0Ahi5t_u4ATAB&v=APEucNUTWZ25sFX-H4MuUMbGGll8aroZxVKYxTHC5M-WZN1BXy1eD5oLaX3orQYpeWU3bT5mhQC2m36nLW6IMqMu8CxhNJuhLSoDjxx_AiA0fLQJZd0vcDEvNHtKCVgyXkF35StNn3-Gh8Mdd2yXbkdJTjhcNbY3E_LnjFEqvTrvPZ-jGQ940WY

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 02:58:21 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a7a33bd7-3163-4f2f-9be1-a8e1ff101dd0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDmn3RTaWljv8dHdrAQBXYU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5B0F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxODQ4NzM5NDU0OTIwMTI3Ng%3D%3D

170 B
188 B

43ms
29ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxODQ4NzM5NDU0OTIwMTI3Ng%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 02:58:21 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5fd37a0d-13ac-421b-8a19-16c443ad29c8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxODQ4NzM5NDU0OTIwMTI3Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 57BD 24 KB
9 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2MGL6ByhQoLMfamxTmX6d24YDF3bJmvUmqIRySH8AqmMUwaUXy9iTuSSbjNcJmCjnPO5lQQFX11g6GosTWosfDpEPjFCxYpvAf5_qnJTKZppLGU-Vkhk6W4TClJty2-zYVdXUfwWQRcrHhwZ90t30CrQnDA&cry=1&dbm_d=AKAmf-D1GbKLjgitWXvnVrP9uxz7OK7i5ih2w-CIHrIk9CEJYTyMj1AR-EmxXzj6-rL5LD-_EjCGfY7wg-QucepMtjTTpdtKxw3aQQe8SISSabVkyTsI4NwowG2ccg2CxMbA-d9CzXVwqXXGi49lnNM87QKRFnN3s4fU3g4dVKF8f5WlfT52L0QGsx9-plw1JUyBKuAc-AUvP_IjZyFzOmJM1t9VQCrRCRjUfj9a67EQ_T2BtBteMMVTw4xda5yoCzr4jmgJIrb9j1QNCcf8B5DRELNj7UevXnB0xpaufdgSYqDJcgK1fR9IbL9j5tjK9Wjp6LC_MKe9S2h2SUk1ITF4qiwDS3en2j8BpfBA0CAFxQ0Xw1UQC7FKv2-1alrsiE3YL9nqFpJEiCivJQCXyUDMdUpFvStAzQjmVkYaKMjPZ62IGdufkIGGGeppfK0gZgJ0-Hl_KTYbZ5JaOW0xggkhb-jtyjgphjE-gAuCK-mZiYXOVNFc5b9Q-YqE3KIQmDM8_p8Kr1nYn-Gs0pwQEMqCtCHYmi2biBDKgRF4d-1gDV5UPUOyPsycFQBFFeJunpHZXbM2FYKfVVoiXbuJw4ic7o2cnvfgHbWrCAN0j7JTwSNT0m7b1lANsNiSDYU5aOmWtUhxXnJhBfyRLXgQNe2RukUuNKEusENxeh8ws2Ohd2-ZT_wBs7tSe8kGjqJ8ozHPxk-M_RcLPcTYOeYrBEKQa_ipe82Z7HW977kgR-RNquj3KDN2aMXoXCAHcxX3kXfKGVOYun8QFEOBqnJ3nJB5F4aFr6wBl0RxRLhVTkOzsAJHWL5RuHh8QBfzP0u1nW3BWP24fJqF7CPdW5i2P-jf6Djg02_80fWvJCWZ1CQhEF7Uz_9DopKLd90v2GxFw4caveQUC59AoAY6_P-dbLh8jNhJDPour2b6zxVQvLUo2X5vH-FFlNNAYsWDFxGE2Mg9gXz5tCOoSQWNd-TEf4EFwwZylavTvkBQgRzBoMwtbipiC1O0wV1zioHL7a0EhNshw_7cw1_9K_ATxW4tn0pAXpb1GIDOJvdcgSeGzTu7hA9tfJnzqS2iwjP1m2AVO_W8RuRyzgGIP2dgpZv8RFutjc6jy378txKB2OQgWGZ0RALX_bm46OLLsvV5le8SHwuZMNBNhpi_o2QJHzhsl_xcwMB1LNCnMRMTWdoehC80FrcCjGb3sGXYy8-mvaFp7QOho5ir5l_oj7Hpr1M1jh9BBekYGdB0EbgJ9-jwYSYdZ2MXiO2WfIIZzVXfpUa0SWvryLtCW1WsWfZhXEzUEVum9G9m5J8EOtAY1181OT0QfK53zyGy1BJPipDZ6Ixhk07Oi9mxkx4ENWwbviUfVZj-mpA3V50qzwewDf4niraRCTbu-TifjzDd_m1WTppvCdUST76s--qylIIKWaVd6kuRh3yZv-0Xvbq6e6UyNjkLL4s0v6dsLDVC3kuerZkKp0HUqVPjOepdrckzJAgzP-jHbzw9s-rm2rC5JqTe16kgxg6sbt-Vy95GPZRxh1JmHEfdc75bjja7HYTzfS3O0QNcmCetAhd9BunPijIXAiiqHum6KgQpBeQ3XJo9It5Ob7_0BfRPtdzpvdNZlNigWsZLoUyO_FyEoOH5cm-uIIrGI4j13DmiocgBbMcoJs6f9CYKb_VJqmtkf3tPtKqXoOd4eQKZ9deLsg_t8BcYtK9E1mluR51b_j05iixsdkdMf7Mh0-waj-rqi6Cz2mboi0BR03qQz4tI8CgFGLlEXZkKyf1R0h9fjbZvmW1N13hr1EXL46NMmHIXL8QbJMPUKnhCM10tw181V1QHz7AuzSnVlMTGn9Pfl-0Sgu01QztYCLxZeVKwb7BGazsU8XV2I9VhlU-adRO9slAdVXGaEHcFrC3o7Ld08BKnYMsGM1MpoLaPGs6K0qbnICa5GtQkFXpMJdjmOPxNhaXlBVTkOF6n6F9fBHDXzDDLgML76CjTnCIISJogtClJAXQxNUZW90grXuiCTwAlPj690Tq0cz1dmjbmjYKtQnAARNkUkLvKz_L4R_FLOxpiufpxikxTJfrklz09gQY3l90BvNeEQE5rB28Lg4RCw-QbeYaNYJ9AWjN-Qoqreb11iji_Xco6xFPgVMs2lwUzKAy3cLuW9fy_LAjdqx3v-vcLqrM768ZJi9slawjqcJBqF1NwDYewQ4vR8rnLH2uAsEzoqzHDaAlMzWPrIGDl0c5BNpSDk6iQH4ZOy23-avhbcKW8CapG-z9VBhn06Oe7PETshKxxZQhC6Ariuucp_KHSy4d7zQo_z_7suoso9getftEtC0sDizRv6uE85jqg4S3gIljBdCfwPYMov10xxElYuXQL3ggHy7XpBpCndvhn_ZJlnLPKj55_QJyTc8bRWw9jc-Su2vjyLWhSIQJcMb1W6FXyV2DFsiy6JG31udG0VyjjHe1v9CMqlukbzqlPJlE36X4JayknFgB24Sf5XyWSqBWgV-YriIR-DoAHuNzkZy9hOK5dy2c_IXK5GTZJn-CjA3F3QknMpk8nzBP_e7J4AJFNm1DzOGjiZUXV8qQpsSCGtfYkzP65-R3PLfUhDcS-zMO4mgn0SYW3KX-xMfF-btlpmsnjTwtorXAtoO_MYrymTSXXs08GwdkqIkJbn9mgSc48mgkN9voicJ4I1z-aj_RFhsou5lHFwVjxV3D5r6smedZc0k-DP3wiRBrd1p5dotbpGGLNM51VIO1DbToR0DzDO6H0qpEFo1lq1OBv_mjDKtSWx-vYGZhScRhnTX0NGjs3JvQMlUdP8pDT2146383LaVQ7YA1dPPXp5b3JWfYhjw65Ktbzk7J7UTsfQveL6aBLDrCvFEbnPl8AnWsGvV9F4magNayPKtDlt7pf6BK8Ftj8KQV2oTsfmNtaP_kGfkFknVzGcSsOGH_BkRrelYmMYMkd3WHaVhZ12iWFycTDfi9lbnCu1ihcrBLklF0h6Id5DVWZZeVOYeyZJRAgA05eP65j7XjVnEXlrrgfubnNhutLEoSSrHnhj_5KbSqbSN6nilUuyhe9JzPwRJcMlm_9rUvWADEv2Pwq2Ln27RHQbNIofm3axUi1Qpdn1s8SAFdsGOmVXXo9kUTtb5RP3jKfrwtRz_XL12r8CG5yjUyrpTmkGzzUkdGEZN8t4MtWCczHV4GSQU5RPbZcK_rkVECd7VB7AXRVODAus28G3Gq4PAFf54DlKsqzJkong__LXyngSs3ct3Wwkxq4QYMilfhY61AcA8a6x5ZDsiBYrDDVP0UmESrQGSwuqW9ONoT1I3S8v_aCFgsxZWQwUKd11YMGx-70Jn-hppmwZmPO&cid=CAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw&rfl=1%2Chttps%253A%252F%252Fwww.the-journal.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 02:57:38 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 57BD 41 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 17 Nov 2022 17:49:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ Frame 9575 270 KB
97 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c302423379f9124fd8aa7750824e15492ff05e52121b564051896448fe1880e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99574
x-xss-protection: 0
server: cafe
etag: 4856457161910514245
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
DATA 200
OK truncated
/ Frame 9575 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8a2c279d1ac498d78c39298c8f20eb2d54e46b0cab008d72dbb01a6c576a2d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A8B 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 21 Nov 2021 14:25:07 GMT
expires: Mon, 21 Nov 2022 14:25:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 131594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 57BD 5 KB
3 KB 15ms
14ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4699122&adjsver=3&fvers=&iframe=1&ref=https%3A//www.the-journal.com/&ro=https%3A//f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=46989876&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4699122&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CsvlXzFicYf6wJtON7_UPuZSfmAv57K_FZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq--NeH-P7iGuCSy8wehoIEkyokO403-T7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK_WuQph31jVV_bnjY_pkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel_aMJJNcOoxmQMN4UCt85gfy-agktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05-yCpeDv5h100yVIvg--xJnYPRnCkboD-jcogpDKCzSyKU6IAzhj8T7k1n9-Xn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE&ae=1&num=1&cid=CAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw&sig=AOD64_3Yl89uigt3Icz3uJvXzCk8f0Cs3g&client=ca-pub-4096035528202683&dbm_c=AKAmf-CiseqNqqZdBTMY_nMoiH3Jd5SdNWOmgctGL-QRs5kg-3H1mh3wxmD6aV4_crQzyUQebqwdCrnAh4jPdiq5ySPCBX4_r2zRltcWNMansE-ib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg&cry=1&dbm_d=AKAmf-BXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn-9yZ7NH3_i7mSj61AKGBa1qnlNCufh-3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl-fMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM-iT9xEjaHlAEBAg_2kDfx9NaCc1Wr6YF_L3A6jjMMQ_prErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt-Q2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i-jFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo-k5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri_pP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk_78ltz9FsbyVVet2cLZ-GFBho7pCvUGRIwW5tH7w1tQ&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e6db966a9171aa1336703c3d51610e5f5482e3ae226cabd68bbc59433232bf24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 03:58:21 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9575 107 B
122 B 42ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9575 107 B
122 B 40ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 407D 603 B
65 B 259ms
258ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=90&slotname=BCI_DY&adk=1517024827&adf=816031632&pi=t.ma~as.BCI_DY&w=728&url=https%3A%2F%2Fwww.the-journal.com%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637636301281&bpp=18&bdt=154&idt=88&shv=r20211111&mjsv=m202111110101&ptt=5&saldr=sa&correlator=3855579874316&frm=24&ife=3&pv=2&ga_vid=969802118.1637636301&ga_sid=1637636301&ga_hid=492239144&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2892267074&scr_x=-12245933&scr_y=-12245933&eid=44753657&oid=2&pvsid=2675201851342079&pem=543&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9385dpykn80g&fsb=1&dtd=190

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Nov 2021 02:58:21 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
ad2.adfarm1.adition.com/ Frame 57BD 3 KB
2 KB 52ms
15ms Script
application/x-javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/js?wp_id=4603454&gdpr=0&gdpr_consent=&ts=7033594355539968360&kid=4709716&keyword=PACS_4699122_14849422&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4699122&adjsver=3&fvers=&iframe=1&ref=https%3A//www.the-journal.com/&ro=https%3A//f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=46989876&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f637d83f4e30f03fc6e2be8ef330e81b454fac26a7324845b16bebe8bf506182

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 03:58:21 +0100
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
cache-control: max-age=600
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A8B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 23:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 23:13:14 GMT

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame 57BD 9 KB
3 KB 15ms
15ms Script
text/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4603454&adjsver=3&fvers=&iframe=1&ref=https%3A//www.the-journal.com/&ro=https%3A//f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=7033594355539378536&kid=4709716&kw=PACS%5F4699122%5F14849422&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4603454&gdpr=0&gdpr_consent=&ts=7033594355539968360&kid=4709716&keyword=PACS_4699122_14849422&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 48b773c4c6a8638966ed23a05d6be53c3821aa50d93aa931953ff57e9a5e0fe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 03:58:21 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
content-type: text/javascript
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe.html Show response
imagesrv.adition.com/banners/268/00/e1/5d/bc/ Frame E765 13 KB
3 KB 10ms
10ms Document
text/html 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 0ad12b374955cbe8b4a83f89a6b2844169c0a8e32ad77a9cd2451f2b2e1d5af4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/

Response headers

content-type: text/html
accept-ranges: bytes
etag: "3514270006-br"
last-modified: Mon, 25 Oct 2021 15:42:38 GMT
content-length: 2987
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: br
date: Tue, 23 Nov 2021 02:58:21 GMT

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame 57BD 2 KB
657 B 19ms
19ms Script
text/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7033594355539968360&btr=true&pos=top-right&cid=626352&aid=626352
Requested by: Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ac0e2fc56f7f4159231e05bea4b1d8907497ec2b0f9828a18e5ecc5a95e7b4c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
content-length: 597
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 57BD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8776c774b1b9d117518fea2da477285721589a70c7a1714e25a1eecf3991a4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame E765 753 B
407 B 18ms
8ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 01d5e93583f589f527fa1c0f30e5578e.js Show response
imagesrv.adition.com/banners/268/00/e1/5d/bc/ Frame E765 79 KB
17 KB 68ms
62ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/01d5e93583f589f527fa1c0f30e5578e.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 8ed4a9a64852971bd19f9ac530fdc54bef8bd12037cedc80507e249d769ae9c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
last-modified: Thu, 30 Sep 2021 14:20:07 GMT
etag: "2167016529-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17779

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame 57BD 20 KB
6 KB 66ms
59ms Script
text/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7033594355539968360&title=Performance+Advertising&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=http%3A%2F%2Fwww.performance-advertising.de%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7033594355539968360&btr=true&pos=top-right&cid=626352&aid=626352
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6230864c84583b53a144a6301a7edb5cac3401608aebf079fe27f70781680c1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
content-length: 6045
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 103ms
102ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=99f459f6-7b8c-43d3-a4fe-4e13d0d0ada0&ntv_a=AAAAAAAAAAx8MMA&ntv_ht=zFicYQA&ntv_fl=CF4se3gYGjAPzQcMJoAeWZXtnfVJxkmNFNHQrWtlMtvIq3DMhLKXuVKrqZpr9ULgioHJqBPBjv9IX45wS0UHdaJlXbaVEUc5Ri7bsbRB02Y__YMtxK-qrMVbJGM1nUrKyAzxHfYzT565nNhIAxLBSQ==&ord=1393584584&ntv_ift=0&ntv_it
Requested by: Host: www.the-journal.com
URL: https://www.the-journal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A8B 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8FQhzVicYebRDZbw3gP96YewDAAAAAA4AeAEAg&bg=!EhGlEVXNAAZQLpa_UC47ACkAdvg8Wka-UbteKOP20Xn3iEc5O8W6Y6_RJBP2xi8qA7ySnhMRgp5heAIAAAChUgAAAAtoAQeZAt5wOdSa5604dcldfyU7aJmaQoToUBbt8da0FI-9WIdnpBdRShhBPQPSD1TPgDLhJzfJdpdKUCt2ptKjEEL57kIGTfGgX2TzfZ3DxBsIIl2thgoKi4kRVunR8faPORkXAw8gmTUiMcBsSV_ueDq5KzDHxoh8PhvOHuJDkoBnqnt9vzSCCojv-a4nkxdwCn-qGuSoMYAYh95XM65tgUsB09T4Lk6cOU5asfTmFdHYZZnRYca-FWq5Zpr7uyeC_iSRnedgJMcyacSPqy0D9msgr58tQjYhif2QNNRUQgcBB3h1wW10FBY-EG98mi78SmsuXq9fSTvaYr6jTFRnJJbaosXfwal-rA7gt1xp-zJ1zp9wkT6hHg-0ZPWSTyi8oEQSoMdb5kebLqp4-ZLPuPdjn9dDauQ1e6mMwI7fsP-QWo6cwe54R5Wy85YssVyX8I1P3Rs7cvZJROvGPdQWcVUpyS37r5247qrXAfkLwCnaydpAObA8uJSnReNLf1S7GxLG0Q9VFRcD7kHtpx0XHXCKUl30sSOaagERUk-hMBShM53Iz3tHsO7sp5x7dURNeWfB6RLq57l5-kmWq6WJMD0veMmgBFeZvlMaOsLJkU62Qe2JGLsR-vC698HJbXXEYyTmNvCmUcZVe9WaQ-6jGsYJ3K9b8EGsjFyo2i1pNWP3QRqmjtXISuTcsTJ9B75Oa_ZLywUnWWVkv8WPbzbySkkO_QfZviAHbWVHC9P16kv9rmuwRfQCpWaqNsgSALpYg_9AUfLK5251anzP6DtiX8i5cRvkVB9CyHC-i-fv3SXObvAmlsaO_YlewV1eB4YVZo6b4JV_b1NEFB0y2c8Dj7kyMmR1jnk2tW16v0rD-xHiO3CqLilCnl3Y_VwAfVd9OwAPOq41JruaahBvstOr-rzRpTkXMuPPeRyCuJ51gNnxs6sSahs8knqpKV7QqkKKctrQnv52730fyDUoDoOyE0Vm7Q

Requested by

Host: f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
URL: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 57BD 3 KB
1006 B 9ms
9ms Stylesheet
text/css 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7033594355539968360&title=Performance+Advertising&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=http%3A%2F%2Fwww.performance-advertising.de%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H3 200 css
fonts.googleapis.com/ Frame E765 2 KB
466 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:600|Cabin:400

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/01d5e93583f589f527fa1c0f30e5578e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

869f77d11c14732734d72ee3b4f5d5259bc68a0edbf444d2f65871294c901503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 01:16:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 02:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H2 200 16f85839a309fcbf381a1990031d1204.svg
imagesrv.adition.com/banners/268/00/e1/5d/bc/media/ Frame E765 2 KB
2 KB 20ms
18ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/media/16f85839a309fcbf381a1990031d1204.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 06d0155e67ef45cd233a4912d3ba15e4c61fa14405c388085f0cb9f392a68ebb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
last-modified: Thu, 30 Sep 2021 14:19:37 GMT
accept-ranges: bytes
etag: "3127525063"
content-length: 1929
content-type: image/svg+xml

GET
H2 206 d3761488031d0e495ea60ac201f8b542.mp4
imagesrv.adition.com/banners/268/00/e1/5d/bc/media/ Frame E765 24 KB
24 KB 21ms
19ms Media
video/mp4 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/media/d3761488031d0e495ea60ac201f8b542.mp4
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7638e407dd9f3b0942d9fec36dca9477c4cc471ce045cd80f20f24c4a45bf4a2

Request headers

Referer: https://imagesrv.adition.com/banners/268/00/e1/5d/bc/iframe.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsvlXzFicYf6wJtON7%5FUPuZSfmAv57K%5FFZvmds6CKD9Cv5NSOKhABILjw7CRglfqigrAHoAG18vKTKMgBCakCFGdquxPasj6oAwGqBJgCT9D4iJYzOpeRY5pZ68yWWFUFrqG7F0Qcy6U6o2xmY1DsfHazAtQLNSOlzJbus4aCJfkg9Yo2DDHiq%2D%2DNeH%2DP7iGuCSy8wehoIEkyokO403%2DT7vbGY778TFJVI9dE1F1mumkdt79iZ1HDSKMy7zFEiGkB8byQ7eK%5FWuQph31jVV%5FbnjY%5FpkShuhrJpYUM85urQUX7l2g0LX6W8KgtoFGikUmAyRvBMSxDEel%5FaMJJNcOoxmQMN4UCt85gfy%2Dagktxdxpq2x0C8ZweTWXnhPvVzQSV91HCwBCdQWxKi6n05%2DyCpeDv5h100yVIvg%2D%2DxJnYPRnCkboD%2DjcogpDKCzSyKU6IAzhj8T7k1n9%2DXn8tJp7ESyne4u5KIcAE0uTEid8D4AQDkAYBoAZNgAe1qsPzAqgHjs4bqAeT2BuoB%2D6WsQKoB%5F6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35%2DxAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT7rSLDcgTiZPW3gPQEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9LjyO9K1Eip33gJZSH4I6CrXzw%26sig%3DAOD64%5F3Yl89uigt3Icz3uJvXzCk8f0Cs3g%26client%3Dca%2Dpub%2D4096035528202683%26dbm%5Fc%3DAKAmf%2DCiseqNqqZdBTMY%5FnMoiH3Jd5SdNWOmgctGL%2DQRs5kg%2D3H1mh3wxmD6aV4%5FcrQzyUQebqwdCrnAh4jPdiq5ySPCBX4%5Fr2zRltcWNMansE%2Dib1VxabO7nUZSB2Wh17N7u0y7izE60dWi3x19sN6Nxxb1u5kgZg%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBXKo99CtQMJj8QbHFqe3mxg9i5SaN1LztTn%2D9yZ7NH3%5Fi7mSj61AKGBa1qnlNCufh%2D3471mSeuupU23nqmI0rjq3NV7DEDRRcRbfTsl%2DfMMhfAGRr7Rs3wljQhya8pWQuIN7qFwBM%2DiT9xEjaHlAEBAg%5F2kDfx9NaCc1Wr6YF%5FL3A6jjMMQ%5FprErtrB6CLStP9BAezK03up6wrrKsJpvmynGKs0Wn9ZGQTq8VbGmchJaAT6jTyr4WKik1TGF0cIYHJeYWVWt%2DQ2Mi9hqdK7MW9cdH2NbdJmBlCgigBG3i%2DjFAgN9HtQThkYSbht6vRkkrcwl7V09w2XOyFPuysvoqo%2Dk5NFH3jouZzctjr4w7hvJ7cnAMQGyc5YjXcPRKwnbsPcOQsMQMri%5FpP84uQRqZlfgv8S4tYOnvmwCzT7hal8QaxIrk%5F78ltz9FsbyVVet2cLZ%2DGFBho7pCvUGRIwW5tH7w1tQ%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7033594355539968360%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4699122%2526kid%253D4799962%2526bid%253D14849422%2526c%253D14782%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7033594355541738711%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7033594355539378536%2526sid%253D4603454%2526kid%253D4709716%2526bid%253D14769596%2526c%253D31635%2526keyword%253DPACS%25255F4699122%25255F14849422%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
last-modified: Thu, 30 Sep 2021 14:20:07 GMT
access-control-allow-origin: *
etag: "3610970222"
content-type: video/mp4
Content-Range: bytes 0-24106/24107
accept-ranges: bytes
Content-Length: 24107

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9575 0
0 48ms
46ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9cAWg2nMMFe_Rm-pQIbeMex8r7R6-G5M4u62UnGcj5wKehq4fGoUsiOreVXxN6b98tMzfGoDAH_M9riirTiV8Z0Txa7aa0BdWQx16kh1GaGpj08BrIKa5UJUGbwLNY8IFLEw_jNkKEloCrwiSemJyiyZh76KcFTYW7DF44efyCX-te5-HZu9xmi71V3Ogc54ukdhPTJGkAZOYlBB2zXpOFk0n2Mj-LI4MsunYuS9WYsZjfLd9BamOL556EWwkbPSGb80kzly8Sp4Zkuf5JLjrHbcZzWPlcM-Kr4I9d945MlIAb2aDf_NTPQIyzOIU&sai=AMfl-YTOfM6_Bjeq0xkUeXuCaAsiTgBNbHAEpEKNp4IHvybO0OR51DM_As3bBXMpockyYZi4MCHCajnlFMf9C76R131hgOJENH4Y9PLWVykPc0tkHg4Lsg4aQfWwzhmgdx8&sig=Cg0ArKJSzPRQNfKnFJy6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9575 12 KB
9 KB 33ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c19bd7bb2065ff780a90d892f4ec17a71cfde2dc49b1c1b4971197d78ea93126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9297
x-xss-protection: 0

GET
H2 200 oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame 57BD 3 KB
3 KB 9ms
9ms Image
image/png 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges: bytes
etag: "502461915"
content-length: 3262
content-type: image/png

GET
H3 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v18/ Frame E765 25 KB
26 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v18/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:600|Cabin:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://imagesrv.adition.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:04:42 GMT
x-content-type-options: nosniff
age: 464019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26104
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:56:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 18:04:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9575 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 28ms
28ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a168be66e4a25fb7e166d5ef657359f70084825227b70d3a89dc3576fdabb9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9297
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F0F5 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 23:13:14 GMT
expires: Tue, 22 Nov 2022 23:13:14 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CAC7 783 B
534 B 57ms
56ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bae8ce7f43d2090cfc07c36447d2508b6e03c2433881cad0737eff97c0f3bb94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-00anlvYoY76EypaOZYnTNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 23 Nov 2021 02:58:21 GMT
date: Tue, 23 Nov 2021 02:58:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-00anlvYoY76EypaOZYnTNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame F0F5 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 23:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 23:13:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 02:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 23 Nov 2021 02:58:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0770 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 22 Nov 2021 23:13:14 GMT
expires: Tue, 22 Nov 2022 23:13:14 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1B4C 783 B
534 B 56ms
56ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

654a4e9725db30eed8aeb839cdba33920e6c9250c09c9eac4b33c78f092a753b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qYqKdXpmug1R3RrDacl1fQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 23 Nov 2021 02:58:21 GMT
date: Tue, 23 Nov 2021 02:58:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qYqKdXpmug1R3RrDacl1fQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CAC7 0
0 30ms
30ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2675201851342079&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0770 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 23:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 23:13:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B4C 0
0 18ms
18ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2934516666814178&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9575 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2675201851342079&bg=!3N-l35vNAAZQLpa_UC47ACkAdvg8Wrq-s0IWkbfZ2n0_bFqbrIIKC8d_ODuST7w-Y-9YTmhlnmolwwIAAACNUgAAABdoAQcKAH0Znqu8hdrCceyY4bk8xxCkTCZTeFiFgDXdBTP6fOUGNzGeYvfEo5nXWtdlZhYnsSGhEslPrQ6XR8SIag-AvkXPO3wwbT1Tj-CUEbuYoq7f4rHz78cTHChfvkg00eS6iNLbQiM90-ZXjWH4DFI_AJEOIVz2DiQ-_iRZk7NaNZkCyUSItyXlmRAXxbzZCZZ_1DE_m6r8OWyRAu0MQD6tKAv5SdTOlzxeePDZdjD31JZJYwSC2r0fNJjIUykS-ewFe0El38A_LAE_5WZCqiOuKJHoMm0XR5ufF_pIMipxU58hlYB4P-nUkcoXevaU57UTAz37d4h1xMuZglnqbj-46QvB0BExVlPC8O6NN9bobuETDw35WFohgtrKOS0eMVHGKwX1eODhwwJ15T7Nb9aR2mX6VyPsjth0WPrrQ-vnb6oOHTns5TQEbtYZhyhS3M2kvYrPQwK1bLvhAk_gHQhf_DBGn2VSMaQzESwQSIv4vG3vGzLsyileNcXVLf7m0MKryxjdRO7LipiGldLIpLCDwhKniCX5mhA2EQGSodZfKSzABFS-rvE7CuTCV_MQEqaGxw9-gAH-TeoIZ3BSJTjWMdLxqxEzYi3EyYINtt9hryIVLj4ve2SSaK9ruEXwwB-lI8UGBGI5sfOWe3D38DDILb7w5DhZYY-8LGg1DVeVJCxIGsvPCUx_JJdulRHSSxVJ7kEJLDGt0OF-qAg5grnCvON9Qw-Ek0uo5ngcewievCNldOVBYRVLozOTGQup94MTzA0OHioehSlDSib9Pr8rux39lLf8gDFAo9X8_zaUrrn3HCyZMlBBM1Tn0M9pJP5N7AwugLsz6jP7WDc7Ep7M5kI5cOGecvY-_CsFAQqPoxHmb07J6ZtWPqiWw8Hthp6Odx7Da_unYLRTtCzlvU3PFDtm5tcx_bqveVlrGeRmJEYzaDlqBGonWRJnMAAsXJT9nUJ2KiDwXd-TXduf_0sqQHICrDLhD4oMRABdDNFhV2Y_NfZJMKtTu3fL7pPDzbuBWBca7L_jJ0EucMLDGlrffjsJIyDwXbezULJFw1Unc8VFQNpoaUuubbhY8yASmGimbsbcJ5qS0sXqwyczu2V8jZgsaLxYsK568WRQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2934516666814178&bg=!d3SldDDNAAZQLpa_UC47ACkAdvg8Wi1KYuHpZeFVpCrBrsnotn_AVWkqkcmIS_Tuf1IBusT4LOaoSgIAAABtUgAAAAtoAQeZAoznkS08ZJ7BMM81Phzq_Pk15nxUYQ1vnaxhvKU9ZG0jYKHGQaP7QbPZiwj2NDAR-FVeRGRXRVySiYNckHfYe3ZI9girn-kinLlCcNNHanNhVfvI9ZH8KDwmFO3UcPg6iM-UkDZlgInI-lXC8a0DF7BqusUv9NymXPFkj_SeeMYG6WWMn9lffsDdtym2OnqXY2AD-j_MDB0GRVTiS1rMhMC-75YZAbBqUt2ilAnxbhZWiFVDi66YzAzMviWmsiyQfYdH-dTfYnzwH3qFgUPYrivoMNcPkxcZyc6Qk4Dzt-DhAl1dafy8gPKXiqKVAimul5sw1zP54yEzRimvVoDBFESLG38Stu07N7sAXpuuGv0ORqFg1Qvm9NmRUb97EhaDELM4xiqRBkGu2ltLxK7970yjwuvfvNbYUO3JJAMZ6jfVfdl7H6zV5X_NANtF6_DVNG06L7z9EOoPuHLUmlOjsP2_9gmo5216AD7SIjBbp9PMZd3Fu5rRoZBzdopnos_nYzQsjAqz5QPe_0Mzwe2jkuEhBKqliXfHIvNJvpKQDAC9-9NHoDXo4LJ5pPdAuGzWchEm1wYzU_QsjD8decSipmmNoqod3ZgAY_UhIPMmKmW9TnSXEZG-dIz3hZk547ZjmNkBI55077VdArdkLJ0P1P_Ef5L8cgilt4eSvx3g7cvZNRUNq2Yx63FZQj4ocgZLzVC88yPJFGd_7OJmyXDjDsrL6GiLQizZw07UTaxN51EREcV8xaV58P4fA1-omds-NT9oa9d6DYzCqorJhwOa0O7wACswePXfevnq_HJUlcyzv9oDxBqm1KR2gvolpYNTOn--lkaz2kYzUUK9NqRkwYEWBokYny5adCUws0wd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 102ms
102ms Image
image/gif 75.101.244.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=2316&ntv_r2=2316&ntv_r3=2316&ntv_r4=3126&ntv_pl=836551&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.101.244.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-75-101-244-20.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.the-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:22 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9575 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOa1RZyebq8iYbI-ZYlzJgut75V7ehPZmWVmzxKGpTQ6fNGnRpVLB91uGiAul2xq9Z009hI8dawz5Ssh5LZeXx8T7_fNIotUbbgIY075mfm0SSouFX&sig=Cg0ArKJSzBMWUM0GmDTMEAE&id=lidar2&mcvt=1001&p=683,436,773,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2390553423&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637636300915&rpt=843&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 02:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F15B 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/PeAAwgoSllM
X-YouTube-Client-Version: 1.20211117.01.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZWkx6NEpSSHpYNCjMsfGMBg%3D%3D
X-YouTube-Ad-Signals: dt=1637636300633&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C598%2C336&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 23 Nov 2021 02:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 23 Nov 2021 02:58:22 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7F0F 28 B
54 B 28ms
27ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4c89207b/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/PeAAwgoSllM
X-YouTube-Client-Version: 1.20211117.01.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZWkx6NEpSSHpYNCjMsfGMBg%3D%3D
X-YouTube-Ad-Signals: dt=1637636300678&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C598%2C336&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 23 Nov 2021 02:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 23 Nov 2021 02:58:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Domain: www.youtube.com
URL: https://www.youtube.com/embed/PeAAwgoSllM

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.the-journal.com/	1970-01-20 07:38:24	Name: visid_incap_2533508 Value: vuGlq0l3SKK6tusih/rHuslYnGEAAAAAQUIPAAAAAACPGrk4ZFRpMdT0XtUqGJa7
.the-journal.com/	1969-12-31 23:59:59	Name: nlbi_2533508 Value: HItZJr17iTANyJN5tZW8gQAAAABUOne09vanSD/voSPfAIAK
.the-journal.com/	1969-12-31 23:59:59	Name: incap_ses_8216_2533508 Value: KhewRz9j/lxDTXzIwhgFcslYnGEAAAAAjbaPin6krIxzh6Ki1iusFg==
.the-journal.com/	1969-12-31 23:59:59	Name: incap_ses_471_2533508 Value: 9J2HRU5h3U5LKReNilSJBspYnGEAAAAA6hMvNXGlI1ctaIm2yDxWYQ==
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: xImdFXnl-J4
.youtube.com/	1970-01-20 03:13:08	Name: VISITOR_INFO1_LIVE Value: YZLz4JRHzX4
www.the-journal.com/	1970-01-19 22:53:56	Name: ___utmvc Value: +WxVLWlHxQsd++hbKEe8fJkAx/XTQbUpHW446KIo/Fkp7l7yImuKpQYTfwctqldhGr3D+e4+ph2dtPvLg85Lo+34XTI9yaNWn3Erii8zqr3GeMtD8Sv79eAv00Le+BOJVlXvejic2XCugWVvCETdc4evhDpH4j3VhCmvC3/UgIIS8l7unEmeQ+1E9dpTfyKO7VW0qzp7UtsG4d5kWI29vKarXB2ne6+5k7WbLWG9rm5EwwjEzeF6odqpOwG0o+aRdvBaRiRJVftLVu/sHf9vFvI1MmG7jeTdWcruLV89kKO2LHMQROKf6r3Kq4SKf8PNii4FfFbBtWmzyKfuyKxMBjoJ5wPPR66JfKffhuoTi1ZUhrf0yiXft373J05mgnr1j2AOJlmvo0CIlo7ZZE6HjAXsboWK8yiB6YAxxCpHBWENUkm7LIRKNmEWnaF4pmT/dPQVZSnB/jozewKv/o62uFc2AAmE5AGOaa7qQmLakQrFnqfBtFsc3XiNkX8G1CdUF/CXtt+LbDpVkBdo3RcZi3pI2t04cZ+JGJoT6OVIiALjlGEKPnRLd17jwO01t206nBBjXIyes8LCm6vmCaSESi+Msr8mXqh/wrFSaX8SZ591JGN/U2QKvKWGHjVUSwYryUXJLS278KVnJ66y69B2lCKz0Hlu9MKg9ieMzCIorMrE3qYZ5waV4PHNv91zARPytASixPcMf4uoSfeYp+GjsUCLEr/ErBxKSi0wgDbO3TYNzzvIpvgM30g0yyvWI2AzthgbiBEO9kCN2An/JVmSEtb1RsU5Egr8zhKdSt1Eiwo8XqZNgisW8SvR3L9h/Siym8+j9n5C5tR9Q809Cx3TOfDXPcHt6BYdE05usOZ8TnzvOhPpJ105PI2TbWvbCJH0v2O0wU0yve9l0Gu1kYBzFC+khSKNxYEBa4FB3H9HpGaNT5XhvDoe2X8UtEonKja5LLcsvMMkIn8UWd3JJ+q5c5rbynY750f3WXsbjJf8+fngei+gpvPMZrOWbxBaO+VFqmrd+plSIw8JXX1H8BmoL4DEy+2oHZ3UI8Wjc9JsuD84F1N18aw2M8szkw4fCZ3osotMHvd+uoQFZQaieUeovxQ9URpp9XCNBM7RZYF6tcC1M8OcrJDB86HIS9oDSr/buvuQ/iRqtvqBKX1bP7T5XPwjmDJHg5il+X/JiYC73mCWy/MzSLjHYdLq/TerZSQ8JrRyi1Z4Z1obuq5MECxTY0ARFR2wkEoVHKPlty22J2xM1Y2q6syktbkkLkE0BXr3XEBpZM33IC3rn9xAb/MJIZ+5qa+y5UOZPoVPEg3gY5k1Nt9P+c4ZzYmYMELIC2xK9UGx2dh+nqe2H6kLtzeQ3NWBtmdI5Y2xMmF4Ywk4ap6mTfDaCTPwzeNC3u4IOC/+dwr5WZnJH355Lz9PwWdenJNmCqH2LNuX4e7xaGmfbvIbG8eJgliBUnzibnyX4TVoWhjD3wSb0gyDv5oIKdGgRnOmMNJQeSGCnCfWW1BmjclentzvM8zcsjGL8K84xNJo/LwJyv4JuVa0qHRZXsJpcxk9asQdvrl35eUCS+OdYqjeoorF7l6E0rfOTo8sM6cQuNnImg3jpo6v6+har4oRrLLKX42L0nPjrbziTUDl0dyWMKthayq3dRJGMxMvJw8L9F/zNa8lFlUyYvGlK/N0CnVzvKnnG3unSZagzNKywMoUFKvlj9IKqqP5qG4dMnU5UNowI4np0sRQnVYOWSI2TCKlzfeWuaIyNAcI6a8oshMKrNRir1+hpvaeeNLqjtJC66mZoZQcd7bDkuSVs64zo3MbSFH3xNdhUuaczeOJsyrCTs/GVAb1C9iR7i6U6haYSWcfPEHuC4iFB+f6QuAaV0lcI/b8OjStHzxm4VdIF//ANRPXNsBwSuJKkR3pxdHb50CFm0VHFihUwiyaPJZq3tB2pvfQRq2DxttgtkDiQPIcwau77Kc0rqiCC0MRJv6OLfFZ/PWtsZoWfTgkwEYOLkUXIDWLBY1yyGJN52I3A02tSlsp+Ogk0K7rlZUjufsnMZXVvW1N36Hg+AXh7icG53UdQf2C7mq4j4mrFnzW5WxLFSFuN+ySc4edTWk5GtILI3xWZ3xE2C+GSNW+5m3xUPUaqeP9kQ2tCnxykfZBtAJU27ZWAf5EbA0IrnJKBSxdUj9slnXE++BCgTtZqwsnWy5FO3bkXbyIRrqPJCRw2AI+cUVwhUzzhSMnACVawrl/8kFM449OcOaJjoohUEHQCgXDgKjgW9SgeaBR90Du39qrVHNSXf3zr9a4n3B6JacHYqof77kLeA9aj6XujXIebrakWNSshh5tx+k75UD6ekaqDe6qi9xTyjX13mgL8YdsNxRnyvS+PgstS0LU6Oaq5MqHndrS0OqakoCYBvV1ZWQMHr2PnuChje0jwTbf90fsYmH92Ty9NrE+bRKbnpIHwUr1KqrbmORT+jG2oXo6p8fzqH7LPbZzT9q9kLCb9uO6sjBprRzi4B1vF3jWIpFp1jWvnKY3SKNk/8Yi/S+vGJ8vzJV1eMsIWFk6JfNi5rT7jQhmNken7RJRSxeKcIZdM0jynhorBCZnUF9bqp3iXsKgV3lrwV2MkDGxH0VWCQARQaOmmChVSH1g9USeouHEpsMO+s2i9Ljt5xAQAWhao/rNuVeoQtMPfRAaIg3i7Gs5ERtepvR0KG9OLGRpZ2VzdD0xODQyNDAsMTgzNzM0LHM9Njc5ZjY4NjY3ZTkzYTE4MDc5ODY5MDY2YTY3MjYzODE3NjY1ODQ1ZmE2OGM4N2E5NzhhZGE5ODhhM2E2NjZhNTk1OWVhZGFjODc3NDcxNmU=
.the-journal.com/	1970-01-20 16:25:08	Name: _ga Value: GA1.2.2093938713.1637636300
.the-journal.com/	1970-01-19 22:55:22	Name: _gid Value: GA1.2.599917211.1637636300
.the-journal.com/	1970-01-19 22:53:56	Name: _gat Value: 1
.postrelease.com/	1970-01-20 07:39:32	Name: opt_out Value: 1
www.the-journal.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":378141,"placementID":836551,"lastInteraction":1637636300487,"sessionStart":1637636300487,"sessionEndDate":1637712000000,"trackUserSessionTime":true,"experiment":""}
.the-journal.com/	1970-01-20 08:15:32	Name: __gads Value: ID=5b752f38d32eb158-22033d6ff6cb0039:T=1637636300:S=ALNI_Mb2xj2mvAputM_-PqcGkK1CH91IWA
.doubleclick.net/	1970-01-20 08:15:32	Name: IDE Value: AHWqTUn3s1CB6qk870Im8tUtzD3chmnJUeR3E5SyOiCGN2yan1dNnsQRFeyaXt5xxuI
.adfarm1.adition.com/	1970-01-20 01:03:32	Name: UserID1 Value: 7033594355539378536
.casalemedia.com/	1970-01-20 07:39:32	Name: CMID Value: YZxYzW7ibcNNJD6iwfLpOwAA
.casalemedia.com/	1970-01-20 01:03:32	Name: CMPS Value: 5228
.adnxs.com/	1970-01-20 01:03:32	Name: uuid2 Value: 1218487394549201276
.casalemedia.com/	1970-01-20 01:03:32	Name: CMPRO Value: 1104
.casalemedia.com/	1970-01-19 22:55:22	Name: CMST Value: YZxYzWGcWM0A
.adfarm1.adition.com/	1970-01-19 22:53:58	Name: lv_4799962 Value: w=4699122\|t=1637636301
.casalemedia.com/	1970-01-20 07:39:32	Name: CMRUM3 Value: 2d619c58cd2760CAESEG-8x1Xj5FP02ZAMS-RDDDg
.adnxs.com/	1970-01-20 01:03:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'$s^?P:!]tbPl1M>e)ZlrFUfJ+tGXxo7HSynI<:LlA@lhG9:sWsVXQs9m[81+K..+[hbpRzqF1`b`3U:B1(
.adfarm1.adition.com/	1970-01-19 22:53:58	Name: lv_4709716 Value: w=4603454\|t=1637636301

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dsum-sec.casalemedia.com
f694bb34c4d6c2738d23fdc10ccc3dd0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
imagesrv.adition.com
imengine.public.prod.dur.navigacloud.com
jadserve.postrelease.com
p.typekit.net
pagead2.googlesyndication.com
prod.ew.dur.navigacloud.com
s-jsonp.moatads.com
s.ntv.io
securepubads.g.doubleclick.net
static.doubleclick.net
static.ew.dur.navigacloud.com
stats.g.doubleclick.net
the-journal.com
thejournal-co.newsmemory.com
tpc.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.the-journal.com
www.youtube.com
yt3.ggpht.com
z.moatads.com
www.youtube.com
107.154.102.252
107.154.114.252
142.250.185.162
142.250.186.98
143.204.98.6
143.204.98.88
185.33.221.87
2.18.234.163
2.18.234.21
2.18.235.40
2001:4de0:ac18::1:a:1a
217.79.188.10
217.79.188.21
217.79.188.46
2606:4700::6810:5514
2a00:1450:4001:801::2016
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a03:2880:f02d:100:face:b00c:0:3
50.17.180.6
52.41.123.208
75.101.244.20
009fcda715f482efc75b408f44e22fdaed1ee31318b5877fea89d36effa5e75d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0169f0c4db4157dd94cb7398e456eaf46fce4f357d7ffb1ba74151639b3b8326
0331289ba029f03ffbc91d9c576516a11c4f31ff41ddfbe7994760bc5d3f8a87
03ad25e3fcb013ef61e8820c255ee7cf9eb8f50d2dd44dd4e860c82783c8a4ad
06d0155e67ef45cd233a4912d3ba15e4c61fa14405c388085f0cb9f392a68ebb
098536009e162c6da10e1db372c4aa219a6e562b824becdc8a3abd016de82bbb
0a82cca628e64d47282eaf4006e75db5587bcdf6141653668d1de2f61bc116c7
0ad12b374955cbe8b4a83f89a6b2844169c0a8e32ad77a9cd2451f2b2e1d5af4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cc3fc597bfa7a2905a9bba036b716d136442312ecdd6abb73cd294b6d725639
0e73619e9ecea219d864310fcb1cbd64bd35a35d03eb67619c629b1e3fc72050
11d71303fd0391b4908ca476405a409f1cafb231e1cf1bf589bec0b3da52e720
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19dd72117fdacd7283996ce3b5c14bf3a721548efbe48206869c1b606724e7a7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d08e25f9ad9e53b29abe11ceabca06fbeabae92b50fa8804d271c634388f4d5
23b4e946dddf92269d0882610014d48217ad0d1b3912fc80c17ddefb69323a37
23fe36a9296ce39e4754d108a9662995a3d29c0239d2af8c171934033b548aaf
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
276ab9be8edd6e881ff5cfab7e41c33c56d68c876ae1d94fdf5c6d58557f896b
2a6bcac59a8b74326ad35375cd19f5827f31992349e020e49031f515b4987d6f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d7ff45a750555d253670331bad2ce688d93b626507e99a16c8e292d746645c6
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
33bbba013b4c658ed41f35ad6401fa99e16b14927c6d3fd514652b9dc0707dab
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3716d065240458c2eef8cf502c0d3ed6096d48a945b832839874759739de4beb
37db078c2b23556af31ce07da48feb4cd46ff18d886f9460507e384489f9617a
38114c5de35349d4e12d5fcde4d20432ef6586c760a22712f8682e3a0a750a1e
3a044d8c63fcaa389fe0e087f1049140e317b0ae7012e7b74665ca889c4fa50f
3bdf9327e35b1e35aca06c108aef9209415d4d204b867abfb85d55a9618a6399
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f317580bdc191899303a8dccb293fc8d11dfcccc94818622c008285645d3f57
3f38c93344789f557b5aa27f3e0c7811f6f6958882cbd6a895cdd2005b8222e9
3fec1a86dd11a9d06023bd9603d5fef8893d7f425b331a50195b11ed0bb7d3bc
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
426c120ab0c396ef1af52e22fef905e7aef7d8c87a92bba6e7ef86d67991644f
4593176c4d7a1f1b74080f576e151f52aebc5b2fe9f4c9c2c884f77a4a0b0115
4632f2a6b880931a9a2468fe53828f3a5a4b0934d9f4f6f37d6831214469a07e
4823802e5f10da631965c117490c7c9a3a1cbe87dde7590e09d9a07e53988e75
48b773c4c6a8638966ed23a05d6be53c3821aa50d93aa931953ff57e9a5e0fe9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c455bea320762101c4326efa9349b83630e7fa88e88061d35a550f776b690ae
4d788357d10fca0d5e377c170d397a7919beb3616bbb69e2b95d1db9b4710029
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54af4ee6c289dcf9dbdd876bddb980c0213ed5e7938b16b46ef639418322fe26
57f37afbc85e2a39d505348f44ef4951182a7274c18469fc060a5d85d9f2cfd4
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5b6bf618b2b840080277b4fb36fdd928f25391622d23243366c12a2c2ae03648
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5c01bf28d585ff45c8c49236f3964f6fc1ddc1d7a4fb0f493393079587d11de2
6230864c84583b53a144a6301a7edb5cac3401608aebf079fe27f70781680c1d
63b04a2c7bb9875846ca4d385f339d1253a5623fba405014b64e0d7fbd361785
654a4e9725db30eed8aeb839cdba33920e6c9250c09c9eac4b33c78f092a753b
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a424d31fddf83e59bf6bef7e76582aa3ef2730c06e3b165f9bde255058b48c1
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
6b12326de41dc70e116c8d2e6b1a4f5dc046a00408aefa7b9324ac48947f51ac
6d919891d72f5aaa69138f77e4d7806023a3ce7f0bc0aed99efe6cc5ea73d904
6ee100f4e088e1b9934b3a17565155185435d4420824d260c48d5eb99ebb8312
6ff3ef368ab7be1a32fc8b6c1f1cf450cd6c556e6eb2306cbb5559dd699af38c
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
7544e6bad60e8b097c310ac807a879448b450e1ed11da9110975ce6c6d9875cf
7638e407dd9f3b0942d9fec36dca9477c4cc471ce045cd80f20f24c4a45bf4a2
7957958e558b7ff0e29f946e66af0ad96c9b22d9bd623740b37b2d3b9675de43
79e8b8b16fd74b900c2fb753e9bdcf48dd54aa91f2c99c831387509994fca764
7a168be66e4a25fb7e166d5ef657359f70084825227b70d3a89dc3576fdabb9f
7bcc8182c7665f2fa1267b3a3e4f062aea755ff48d5b306f2d0ab08ef3abc0cb
7bd2a0d6641bf94f2a783f274d17e3c382aa0f39cb43520e247300a434c43128
8009951f2c5ff03d4f6ba32de70ca4671df3d8ec258bcd7f4a81fd767eadee6f
806456e4bd3904caaf6c815ffc9014c1133c9a13a4f7654fffcd9e376b5385b9
82b427bd741c66ade5e0da938059a1abbb69eaea64d44d9a83c578d1b5a1fe68
82d70a285c90981bfc4edc917670773e26a116c506614dfa09138c490e82f1d8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8597b93ad3200bd0d5bf0f8ff0127d87c791efa62ad8e8f043dcd834a4753493
85d571bd94b34bcdb672e3c3016f84e91fd938033ffa726f003fc7b4da0ca8fc
862ee1980493ba1eee6e287f952d3fd82610d0bd353f71ad25efe95251433de3
869f77d11c14732734d72ee3b4f5d5259bc68a0edbf444d2f65871294c901503
88dea3842c3eeb781bdfa182fabf5cc4d799f2e75e3825839e4d6a9540978da5
894c2f920e6c9a2b9ae7849796dd8adbe8e9857754f99ed6184d31d3994eda9f
8a9d9b0e23fc73ba768afbf2f278a7f0b62efc7e167dc7beabf3afe45feb02a4
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ed4a9a64852971bd19f9ac530fdc54bef8bd12037cedc80507e249d769ae9c7
8fd5b20477b840eea6c67b3ed1840d37eba58327ed5652a6ce60f5c3c11e9d1d
97dd3e71f8c61a3983980058ca06e148de55c2dd15df4a22579c2baa797911d0
99a04edd5498bdd844f2d9349d521b6148916e1c30c669e06a7dc538a26f7400
9b7e2e7673fcfed5d99583872b35c8fff6d45421b2cce8959a54fd081a810e90
9c302423379f9124fd8aa7750824e15492ff05e52121b564051896448fe1880e
9f3ab4e0db957122eadd953affc53c8c1cd6675ce2e7e6a9c801b82196d2ad0d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5082755c64f16961712a00b54ab05be4e4d7ea342f26b50892c32229920494a
a51177ce27c9440f635c6bfef9bd3aab0b52a97d5bc8540e2e3a9ad8f4c46f6a
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8a2c279d1ac498d78c39298c8f20eb2d54e46b0cab008d72dbb01a6c576a2d9
a953dd944057bd91c8fa466e6ed217f668be389693ef8d4834a4384daf6b063f
aaee4ac5d612c170282e07385908404a8a20b055da1e9242099106bde3227efc
aaf36a080972aec70025f6558f218a57a74770aa06d5f0152e29902799852f63
ac0e2fc56f7f4159231e05bea4b1d8907497ec2b0f9828a18e5ecc5a95e7b4c2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0904426b658f49f43280cc6ba75d9dc9fbe6a764b7c9fc2c11897c30af3f3e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cd6e7f884567157268a428a6e69ec79dc3d88857bb1cc03699e1441d9d1293
b304d6f9d7ac625009fc0734b2f8df9c90ed3368ea51fbeec2851a83bd1c2545
b33d644dc618b1059c434355d0689aec80860d5f4fbf839b9ccff9cc8d16bae6
b75b87bffe52ed94a10eed51cbb204b37fbb9b82244c5d0abdb5834128bfc9ff
bae8ce7f43d2090cfc07c36447d2508b6e03c2433881cad0737eff97c0f3bb94
bb094b7030fadd4fd872d58b62ed02e9589f91245cf5fde4a61fa552a1d437ec
c19bd7bb2065ff780a90d892f4ec17a71cfde2dc49b1c1b4971197d78ea93126
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c409f2c6ab78e881bfb9d94ea857a804a3276752f35292fab291d41f99955c9e
c40cd261bd5f5743502f267c89a1d9f087035e82a4472763e472195e32d8940d
c569951d4abd4b4efe25bf2b4a19f174385eacc39fe063fcba3b3dc7d8bb03b2
c7733029997214ea393d9f81e74a710de87d65ac9dff442927108e0d421c51cb
c9614f5ea459a09a2b65080d3b9de02e4414654dd721ced016d0f5450a44c6f8
cad66c8e9c5ec897d4a2db6a0712510447f3c6c51e0c42776b7a230f969d679f
cc7648e65bcb10e6ce8b89d4281cc1ff291d7858e3cffbd702d67b0f9ea6acb6
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
d356306883d801f98b56d3c229f8a6e6dd1d900b7588ff96c855e37f0cf0d47f
d4c534ad98f69f04176770bc17c4920ef79209915dd1b354721189466f07c7a9
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d872f0ea2bb502905b7e23ce35f353acbf8b65ac75cef021b4872ab444e68c64
d94f18e4a6c5b3f5cb7055c23757321077e461e2ecb5f117c9eeeda1a93435b3
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd10e3619ef25161603f7049de38ea28b712a390fdbd4bdfc5b93087dfd7a70b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de765e9d0f6f9a818c07d0fe0724bae4394ed6e203004320777abae9038e56d9
dff91edeb3acaaa0588c9f24fa09e53657bfc83f1423e37332e55d32ff2f9f2b
e1e7e64c14b5f10e4c1b223e45d0acaed3a02dc91c59fc515a0c29568ab1642b
e2c590879e4cab6b4157a626582df9f06614ebfbddf7f92212a4836f07b96e48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51e3aad2cadfc06bb7915a170351cbc6db133089a5c510a61f1d88a6d148c94
e5b7f18cc4c5713c6fc95da71e3b22bf0a3ad4d66ce0df9781b0bc2a3f1b924b
e686e4911f62a21a1fa7309f439bef7e3652e326e3b965c57152bfb3d23cd152
e6db966a9171aa1336703c3d51610e5f5482e3ae226cabd68bbc59433232bf24
e6f03812c4d51c2cd26cd248c6e6ff7b3dbcb673b23e6a71c4f31dc991f704ca
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8fd44b2959e174108d7f740a61723af1e3078710547b3e33f2e1892349afd12
ebe8dc90e0e1e958adaccbbb222051f6d8e6c9dd47de2023bf213f9a87e2e846
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee363146dba91bf2f44df03c63a6442a0f99e72d9b2d21224f3532f78b31223d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1daf843c091a604088d813b267672b260545912bc664344183d572b6889ffd3
f288c846c9e301ccbf6afc835de4a8eb87441045bed3391c1b8fcc0810fa23fc
f637d83f4e30f03fc6e2be8ef330e81b454fac26a7324845b16bebe8bf506182
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
f77461e0aec0426f4f2cb822c480575e3185d9faa8eb7bf39c9022d98d79de27
f8776c774b1b9d117518fea2da477285721589a70c7a1714e25a1eecf3991a4c
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
ff0843d51035fb3ccf9162d8fb95e5b57bf9d4cfae8b75d28ede0fcbddce0f91

www.the-journal.com Open in urlscan Pro 107.154.114.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

221 Requests

96 %HTTPS

58 %IPv6

24 Domains

40 Subdomains

38 IPs

4 Countries

6216 kBTransfer

13569 kBSize

24 Cookies

57 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.the-journal.com Open in urlscan Pro
107.154.114.252 Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

96 %
HTTPS

58 %
IPv6

24
Domains

40
Subdomains

38
IPs

4
Countries

6216 kB
Transfer

13569 kB
Size

24
Cookies

221 HTTP transactions
6 data transactions