urlscan.io logo urlscan.io
SecurityTrails logo

www.westernjournal.com Open in urlscan Pro
2606:4700:10::ac43:b63  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Submission: On May 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 185 IPs in 14 countries across 141 domains to perform 697 HTTP transactions. The main IP is 2606:4700:10::ac43:b63, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.westernjournal.com. The Cisco Umbrella rank of the primary domain is 66155.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.
This is the only time www.westernjournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
3 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 54.179.155.135 16509 (AMAZON-02)
3 185.152.64.17 60068 (CDN77 ^_^)
4 34.95.69.49 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
8 23.35.236.201 16625 (AKAMAI-AS)
2 2600:9000:215... 16509 (AMAZON-02)
1 143.204.98.58 16509 (AMAZON-02)
17 2606:2800:234... 15133 (EDGECAST)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 52.55.141.237 14618 (AMAZON-AES)
2 3 198.148.27.139 19189 (PULSEPOINT)
5 35.201.96.133 15169 (GOOGLE)
1 2 23.35.228.23 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2602:803:c003... 26667 (RUBICONPR...)
2 8 185.33.221.91 29990 (ASN-APPNEX)
2 185.64.189.112 62713 (AS-PUBMATIC)
3 72.251.249.14 29791 (VOXEL-DOT...)
1 34.107.148.139 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
11 143.204.95.188 16509 (AMAZON-02)
1 3 143.204.98.86 16509 (AMAZON-02)
11 151.139.128.11 20446 (STACKPATH...)
1 28 151.101.130.137 54113 (FASTLY)
3 143.204.98.110 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
10 104.19.135.78 13335 (CLOUDFLAR...)
2 143.204.98.16 16509 (AMAZON-02)
1 4 2620:116:800d... 16509 (AMAZON-02)
1 52.218.169.136 16509 (AMAZON-02)
1 143.204.98.17 16509 (AMAZON-02)
1 2600:1f16:bc:... 16509 (AMAZON-02)
7 54.85.127.29 14618 (AMAZON-AES)
2 34.120.247.19 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
8 142.250.185.162 15169 (GOOGLE)
4 104.244.42.136 13414 (TWITTER)
61 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 52.54.238.249 14618 (AMAZON-AES)
1 3.210.171.28 14618 (AMAZON-AES)
1 2600:9000:215... 16509 (AMAZON-02)
4 151.101.129.194 54113 (FASTLY)
6 23.205.241.117 16625 (AKAMAI-AS)
1 2600:9000:215... 16509 (AMAZON-02)
1 143.204.98.116 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
3 7 2606:4700:10:... 13335 (CLOUDFLAR...)
20 2600:9000:215... 16509 (AMAZON-02)
1 3.64.102.19 16509 (AMAZON-02)
4 34.149.20.76 15169 (GOOGLE)
2 9 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.98.64.218 15169 (GOOGLE)
6 52.215.230.177 16509 (AMAZON-02)
1 145.40.89.200 54825 (PACKET)
1 213.19.147.43 26120 (RHYTHMONE)
1 178.162.133.150 60781 (LEASEWEB-...)
2 132.226.41.106 31898 (ORACLE-BM...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.60 16509 (AMAZON-02)
2 23.205.239.15 16625 (AKAMAI-AS)
4 52.51.108.222 16509 (AMAZON-02)
3 2a03:2880:f12... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.206.210.112 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.194.137 54113 (FASTLY)
9 3.132.38.126 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 143.204.98.122 16509 (AMAZON-02)
1 143.204.98.101 16509 (AMAZON-02)
2 143.204.98.76 16509 (AMAZON-02)
7 141.95.98.71 16276 (OVH)
4 18.207.20.6 14618 (AMAZON-AES)
2 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.216.112.245 16509 (AMAZON-02)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
9 2a00:1450:400... 15169 (GOOGLE)
2 4 18.202.70.186 16509 (AMAZON-02)
6 35.71.131.137 16509 (AMAZON-02)
18 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 3.124.7.106 16509 (AMAZON-02)
6 54.195.231.245 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 143.204.103.41 16509 (AMAZON-02)
8 178.250.0.139 44788 (ASN-CRITE...)
4 178.250.0.162 44788 (ASN-CRITE...)
5 5 54.93.71.13 16509 (AMAZON-02)
8 17 142.250.186.98 15169 (GOOGLE)
3 3 185.29.134.244 30419 (MEDIAMATH...)
1 1 2600:9000:215... 16509 (AMAZON-02)
8 8 213.19.147.44 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
1 104.244.43.131 54113 (FASTLY)
4 199.232.188.159 54113 (FASTLY)
9 199.232.136.158 54113 (FASTLY)
1 6 185.64.190.78 62713 (AS-PUBMATIC)
4 7 37.157.3.28 198622 (ADFORM)
33 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.183 1299 (TWELVE99 ...)
1 178.250.2.151 44788 (ASN-CRITE...)
3 198.47.127.20 3257 (GTT-BACKB...)
5 5 51.210.112.63 16276 (OVH)
2 3 169.50.137.182 36351 (SOFTLAYER)
6 104.19.136.78 13335 (CLOUDFLAR...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 23.35.236.188 16625 (AKAMAI-AS)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
1 152.199.22.191 15133 (EDGECAST)
1 8.2.110.165 46636 (NATCOWEB)
6 23.205.235.133 16625 (AKAMAI-AS)
1 104.17.120.107 13335 (CLOUDFLAR...)
2 9 23.35.236.247 16625 (AKAMAI-AS)
2 51.89.9.253 16276 (OVH)
1 67.202.105.23 32748 (STEADFAST)
1 66.155.71.150 13768 (COGECO-PEER1)
1 35.227.252.103 15169 (GOOGLE)
4 9 3.228.116.73 14618 (AMAZON-AES)
2 5.178.65.253 50673 (SERVERIUS-AS)
1 3 138.201.8.249 24940 (HETZNER-AS)
3 5.178.65.246 50673 (SERVERIUS-AS)
2 2 23.75.240.210 16625 (AKAMAI-AS)
1 205.234.175.175 23352 (SERVERCEN...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
3 5 209.54.180.144 16509 (AMAZON-02)
1 1 54.236.193.228 14618 (AMAZON-AES)
1 1 79.125.99.212 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 141.226.228.48 200478 (TABOOLA-AS)
3 4 35.227.248.159 15169 (GOOGLE)
2 3 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.213.35.75 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
2 3 34.111.131.239 15169 (GOOGLE)
1 185.15.245.81 24961 (MYLOC-AS ...)
2 3 63.34.67.128 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.57.222.106 16509 (AMAZON-02)
2 54.76.30.252 16509 (AMAZON-02)
6 6 151.101.2.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 35.173.74.115 14618 (AMAZON-AES)
1 2 52.95.119.178 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
1 1 52.209.153.41 16509 (AMAZON-02)
5 7 69.173.144.138 26667 (RUBICONPR...)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:22::14 8068 (MICROSOFT...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 69.173.144.165 26667 (RUBICONPR...)
1 69.173.151.100 26667 (RUBICONPR...)
2 3 37.252.173.22 29990 (ASN-APPNEX)
2 3 18.156.0.31 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 143.204.98.4 16509 (AMAZON-02)
27 23.216.77.18 20940 (AKAMAI-ASN1)
1 212.129.3.112 12876 (Online SAS)
2 3.121.27.153 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.64.190.81 62713 (AS-PUBMATIC)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 143.204.100.40 16509 (AMAZON-02)
1 34.252.92.160 16509 (AMAZON-02)
2 2 3.217.122.222 14618 (AMAZON-AES)
8 8 52.209.163.249 16509 (AMAZON-02)
2 185.86.137.132 201081 (SMARTADSE...)
2 2 23.88.75.187 24940 (HETZNER-AS)
2 5.161.47.120 213230 (HETZNER-C...)
2 72.251.241.204 29791 (VOXEL-DOT...)
2 4 2606:4700:440... 13335 (CLOUDFLAR...)
2 195.5.165.20 44968 (IPROM-AS)
2 2 141.95.171.142 16276 (OVH)
2 151.101.1.44 54113 (FASTLY)
2 169.197.150.7 398989 (DEEPINTENT)
2 38.27.122.126 174 (COGENT-174)
3 3 35.201.96.126 15169 (GOOGLE)
2 185.64.190.87 62713 (AS-PUBMATIC)
2 4 77.243.60.138 42697 (NETIC-AS)
6 6 35.157.1.22 16509 (AMAZON-02)
2 2 52.22.207.129 14618 (AMAZON-AES)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 159.65.196.12 14061 (DIGITALOC...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 66.155.71.25 13768 (COGECO-PEER1)
2 2 34.102.253.54 15169 (GOOGLE)
2 2 54.227.164.149 14618 (AMAZON-AES)
2 2 46.137.148.84 16509 (AMAZON-02)
1 1 34.111.129.221 15169 (GOOGLE)
2 75.2.13.80 ()
697 185
15    2606:4700:10::ac43:b63 (United States)

ASN13335 (CLOUDFLARENET, US)
www.westernjournal.com
1    2600:9000:2156:b000:d:99dd:3480:21 (United States)

ASN16509 (AMAZON-02, US)
d3l320urli0p1u.cloudfront.net.
3    2600:9000:2156:d000:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    2600:9000:2156:fe00:14:248f:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)
run.crtx.info
2    2606:4700:10::6816:39ae (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
1    54.179.155.135 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-155-135.ap-southeast-1.compute.amazonaws.com
go.automatad.com
3    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
b2cdn.automatad.com
4    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2600:9000:2156:6a00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    143.204.98.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
17    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a02:26f0:3500:696::2313 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
video.foxnews.com
2    52.55.141.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-141-237.compute-1.amazonaws.com
soapps.net
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com
partplanes.com
breadbalance.com
2    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
cs.media.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
11    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
3    143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net
sb.scorecardresearch.com
11    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
cdn.watchingthat.net
28    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
capi.connatix.com
cd.connatix.com
cds.connatix.com
ins.connatix.com
vid.connatix.com
img.connatix.com
3    143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net
static.solutionshindsight.net
6    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
10    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net
ats.rlcdn.com
4    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    52.218.169.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net
certify.alexametrics.com
1    2600:1f16:bc:1202:2958:48a5:15cf:db06 (Columbus, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
7    54.85.127.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-127-29.compute-1.amazonaws.com
geoip.instiengage.com
eua.instiengage.com
event.instiengage.com
2    34.120.247.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.247.120.34.bc.googleusercontent.com
telemetries.jeeng.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
4    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
61    2a02:26f0:6c00:1b8::2313 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.foxnews.com
3    52.54.238.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-238-249.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    3.210.171.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-171-28.compute-1.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
1    2600:9000:2156:3000:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
4    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
6    23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    2600:9000:2156:2000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    143.204.98.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-116.fra50.r.cloudfront.net
geo.privacymanager.io
1    2600:9000:224a:2400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2606:4700:10::ac43:a93 (United States)

ASN13335 (CLOUDFLARENET, US)
comment.instiengage.com
20    2600:9000:2156:200:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
1    3.64.102.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-102-19.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
9    2606:4700:10::6816:b7 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
insticator-d.openx.net
u.openx.net
6    52.215.230.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    213.19.147.43 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    143.204.98.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-60.fra50.r.cloudfront.net
get.s-onetag.com
2    23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com
www.aaxdetect.com
4    52.51.108.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-108-222.eu-west-1.compute.amazonaws.com
trends.revcontent.com
3    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
lit.connatix.com
9    3.132.38.126 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-38-126.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    143.204.98.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net
api.solutionshindsight.net
7    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
id5-sync.com
4    18.207.20.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-20-6.compute-1.amazonaws.com
dashboard.insticator.com
2    2600:9000:2156:ca00:1c:f0ba:c200:21 (United States)

ASN16509 (AMAZON-02, US)
d2s3kjdp77ms5k.cloudfront.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.216.112.245 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
9    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    18.202.70.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-70-186.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
18    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    3.124.7.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-7-106.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
6    54.195.231.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
yeet.revcontent.com
1    2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2156:1e00:e:6579:6f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.hunchme.com
2    143.204.103.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-41.fra50.r.cloudfront.net
cdn.segment.com
8    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
4    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    54.93.71.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-71-13.eu-central-1.compute.amazonaws.com
pm.w55c.net
17    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
3    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2600:9000:2156:c200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
8    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
4    199.232.188.159 (Munich, Germany)

ASN54113 (FASTLY, US)
pbs.twimg.com
9    199.232.136.158 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
video.twimg.com
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
33    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
5    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
pixel-eu.onaudience.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
6    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
3    2a02:26f0:6c00:299::2313 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
api.foxnews.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
1    8.2.110.165 (United States)

ASN46636 (NATCOWEB, US)
cookie.lmgssp.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
9    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
9    3.228.116.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-116-73.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    138.201.8.249 (Landshut, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
3    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
17    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
5    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.236.193.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-193-228.compute-1.amazonaws.com
nep.advangelists.com
1    79.125.99.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-99-212.eu-west-1.compute.amazonaws.com
d.adroll.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:736:16ab:a44d:3496 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.213.35.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-35-75.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
3    63.34.67.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    52.57.222.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-222-106.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    54.76.30.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-30-252.eu-west-1.compute.amazonaws.com
beacon.krxd.net
6    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    35.173.74.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-74-115.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.119.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.209.153.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-153-41.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    2a05:d018:d29:3601:d804:38dc:9a29:ba55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    2a02:26f0:3500:58c::2313 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
global.fncstatic.com
1    143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net
tags.crwdcntrl.net
27    23.216.77.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-18.deploy.static.akamaitechnologies.com
foxnewsplayer-a.akamaihd.net
1    212.129.3.112 (Suresnes, France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu
js.cookieless-data.com
2    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
amp.akamaized.net
1    2a02:26f0:6c00:2b7::5fe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
time.akamai.com
1    2a00:1450:4001:802::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
liftable-bq-streamer.appspot.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2a02:26f0:3500:3::b818:4d15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
vod.foxnews.com
1    143.204.100.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-100-40.fra50.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net
1    34.252.92.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-92-160.eu-west-1.compute.amazonaws.com
c.p2r14.com
2    3.217.122.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-122-222.compute-1.amazonaws.com
sync.srv.stackadapt.com
8    52.209.163.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-163-249.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
2    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
2    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
4    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
3    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
6    35.157.1.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-1-22.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.22.207.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-207-129.compute-1.amazonaws.com
ads.creative-serving.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    54.227.164.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-164-149.compute-1.amazonaws.com
sync.ipredictive.com
2    46.137.148.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-148-84.eu-west-1.compute.amazonaws.com
r.scoota.co
1    34.111.129.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    75.2.13.80 (None, )

ASN- ()
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
67 foxnews.com
video.foxnews.com — Cisco Umbrella Rank: 9194
static.foxnews.com — Cisco Umbrella Rank: 6872
api.foxnews.com — Cisco Umbrella Rank: 7697
vod.foxnews.com — Cisco Umbrella Rank: 13700
653 KB
57 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 439
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
image6.pubmatic.com — Cisco Umbrella Rank: 612
simage2.pubmatic.com — Cisco Umbrella Rank: 606
image2.pubmatic.com — Cisco Umbrella Rank: 932
image4.pubmatic.com — Cisco Umbrella Rank: 875
simage4.pubmatic.com — Cisco Umbrella Rank: 1170
aud.pubmatic.com — Cisco Umbrella Rank: 4537
255 KB
38 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 3859
cd.connatix.com — Cisco Umbrella Rank: 3462
cds.connatix.com — Cisco Umbrella Rank: 3527
ins.connatix.com — Cisco Umbrella Rank: 7431
lit.connatix.com — Cisco Umbrella Rank: 7741
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 4192
vid.connatix.com — Cisco Umbrella Rank: 4303
img.connatix.com — Cisco Umbrella Rank: 4210
2 MB
37 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 21573
geoip.instiengage.com — Cisco Umbrella Rank: 19746
auth.instiengage.com — Cisco Umbrella Rank: 19382
comment.instiengage.com — Cisco Umbrella Rank: 60585
static.instiengage.com — Cisco Umbrella Rank: 25273
eua.instiengage.com — Cisco Umbrella Rank: 23980
event.instiengage.com — Cisco Umbrella Rank: 26150
2 MB
30 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
pix.eu.criteo.net — Cisco Umbrella Rank: 7541
csm.eu.criteo.net — Cisco Umbrella Rank: 7580
456 KB
27 akamaihd.net
foxnewsplayer-a.akamaihd.net — Cisco Umbrella Rank: 8799
411 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
190 KB
21 googlesyndication.com
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 130
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
115 KB
21 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 664
syndication.twitter.com — Cisco Umbrella Rank: 954
638 KB
20 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 6078
trends.revcontent.com — Cisco Umbrella Rank: 1872
img.revcontent.com — Cisco Umbrella Rank: 9950
cdn.revcontent.com — Cisco Umbrella Rank: 7182
yeet.revcontent.com — Cisco Umbrella Rank: 7346
images.revcontent.com — Cisco Umbrella Rank: 6623
124 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
eus.rubiconproject.com — Cisco Umbrella Rank: 556
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2479
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1206
41 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 288
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1187
130 KB
17 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1764
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
5 KB
16 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7947
c.mgid.com — Cisco Umbrella Rank: 6256
cdn.mgid.com — Cisco Umbrella Rank: 10360
servicer.mgid.com — Cisco Umbrella Rank: 8135
s-img.mgid.com — Cisco Umbrella Rank: 7142
cm.mgid.com — Cisco Umbrella Rank: 2284
2 MB
15 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1528
abs-0.twimg.com — Cisco Umbrella Rank: 2779
pbs.twimg.com — Cisco Umbrella Rank: 702
video.twimg.com — Cisco Umbrella Rank: 1398
825 KB
15 westernjournal.com
www.westernjournal.com — Cisco Umbrella Rank: 66155
361 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
acdn.adnxs.com — Cisco Umbrella Rank: 596
secure.adnxs.com — Cisco Umbrella Rank: 424
30 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 393
mug.criteo.com — Cisco Umbrella Rank: 2669
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299
ads.eu.criteo.com — Cisco Umbrella Rank: 7544
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9672
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919
dis.criteo.com — Cisco Umbrella Rank: 725
96 KB
9 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 880
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 485
ads.yahoo.com — Cisco Umbrella Rank: 1156
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
5 KB
9 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2430
12 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum.casalemedia.com — Cisco Umbrella Rank: 1323
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557
13 KB
9 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1277
sync.1rx.io — Cisco Umbrella Rank: 520
4 KB
9 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 7047
2 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 466
4 KB
8 e-planning.net
sync.e-planning.net — Cisco Umbrella Rank: 4923
s.e-planning.net — Cisco Umbrella Rank: 7084
u-ams02.e-planning.net — Cisco Umbrella Rank: 66464
i.e-planning.net — Cisco Umbrella Rank: 7160
4 KB
8 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1635
bcp.crwdcntrl.net — Cisco Umbrella Rank: 891
tags.crwdcntrl.net — Cisco Umbrella Rank: 1570
sync.crwdcntrl.net — Cisco Umbrella Rank: 721
14 KB
8 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 407
fonts.googleapis.com — Cisco Umbrella Rank: 46
746 KB
8 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1573
id5-sync.com — Cisco Umbrella Rank: 663
17 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
dmp.adform.net — Cisco Umbrella Rank: 2468
3 KB
7 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 20816
event.insticator.com — Cisco Umbrella Rank: 16481
dashboard.insticator.com — Cisco Umbrella Rank: 41190 Failed
30 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
4 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
2 KB
6 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 977
trc.taboola.com — Cisco Umbrella Rank: 679
match.taboola.com — Cisco Umbrella Rank: 2142
1 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
2 KB
6 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3529
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4130
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4116
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
18 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 74
www.google.com — Cisco Umbrella Rank: 7
2 KB
6 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1459
rtb.gumgum.com — Cisco Umbrella Rank: 1176
4 KB
6 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 3513
l3.aaxads.com — Cisco Umbrella Rank: 5385
283 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
60 KB
6 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d31qbv1cthcecs.cloudfront.net
df80k0z3fi8zg.cloudfront.net
d2s3kjdp77ms5k.cloudfront.net
136 KB
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3281
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13702
2 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 887
4 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1489
ssc-cms.33across.com — Cisco Umbrella Rank: 992
884 B
5 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 29651
api.solutionshindsight.net — Cisco Umbrella Rank: 33748
26 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1171
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 818
s.tribalfusion.com — Cisco Umbrella Rank: 2566
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 31762
cr.frontend.weborama.fr — Cisco Umbrella Rank: 21431
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 437
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
pixel.mathtag.com — Cisco Umbrella Rank: 1281
3 KB
4 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1563
155 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 987
pixel.quantserve.com — Cisco Umbrella Rank: 427
cms.quantserve.com — Cisco Umbrella Rank: 1128
11 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
208 KB
4 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1386
119 B
4 automatad.com
go.automatad.com — Cisco Umbrella Rank: 32335
b2cdn.automatad.com — Cisco Umbrella Rank: 23730
92 KB
4 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 23795
telemetries.jeeng.com — Cisco Umbrella Rank: 17299
119 KB
3 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4218
644 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 472
usermatch.krxd.net — Cisco Umbrella Rank: 1256
942 B
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574
2 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1625
741 B
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3501
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
573 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
639 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 7678
www.google.de — Cisco Umbrella Rank: 5483
1 KB
3 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 19756
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3008
7 KB
3 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 17153
u.openx.net — Cisco Umbrella Rank: 756
rtb.openx.net — Cisco Umbrella Rank: 1524
828 B
3 amazonaws.com
s3-us-west-2.amazonaws.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 25747
s3.amazonaws.com
1 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1310
id.rlcdn.com — Cisco Umbrella Rank: 598
71 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 141
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 175
112 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
2 KB
3 media.net
hbx.media.net — Cisco Umbrella Rank: 1514
prebid.media.net — Cisco Umbrella Rank: 1191
cs.media.net — Cisco Umbrella Rank: 1513
132 KB
3 partplanes.com
partplanes.com — Cisco Umbrella Rank: 199432
29 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 560
1 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 34995
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1042
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3757
681 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3207
207 B
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2528
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3750
1 KB
2 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1553
226 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 857
60 B
2 erne.co
green.erne.co — Cisco Umbrella Rank: 16159
732 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5811
557 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1468
816 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6228
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 884
401 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611
326 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
1 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 904
2 KB
2 fncstatic.com
global.fncstatic.com — Cisco Umbrella Rank: 8004
466 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1141
792 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5262
637 B
2 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1569
117 KB
2 breadbalance.com
breadbalance.com — Cisco Umbrella Rank: 150206
27 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
17 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1303
c.go-mpulse.net — Cisco Umbrella Rank: 549
51 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
12 KB
2 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 7367
648 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1842
24 KB
2 soapps.net
soapps.net — Cisco Umbrella Rank: 48042
18 KB
1 p2r14.com
c.p2r14.com — Cisco Umbrella Rank: 10364
538 B
1 boltdns.net
cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 3405
166 KB
1 appspot.com
liftable-bq-streamer.appspot.com — Cisco Umbrella Rank: 60633
271 B
1 akamai.com
time.akamai.com — Cisco Umbrella Rank: 9518
513 B
1 akamaized.net
amp.akamaized.net — Cisco Umbrella Rank: 7964
319 B
1 watchingthat.net
cdn.watchingthat.net — Cisco Umbrella Rank: 14282
6 KB
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6854
535 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 822
380 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
709 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 172922
215 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 458
225 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 441
533 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19722
272 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 133740
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7335
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12219
411 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2091
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1559
112 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2270
234 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2797
1 KB
1 lmgssp.com
cookie.lmgssp.com — Cisco Umbrella Rank: 7221
1 gstatic.com
fonts.gstatic.com
44 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 741
441 B
1 hunchme.com
static.hunchme.com — Cisco Umbrella Rank: 210708
19 KB
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1944
345 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1561
17 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1623
914 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1183
448 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2157
164 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 552
481 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1409
595 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
352 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 4391
552 B
1 crtx.info
run.crtx.info — Cisco Umbrella Rank: 33476
104 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1364
41 KB
1 net.
d3l320urli0p1u.cloudfront.net.
41 KB
697 141
Domain Requested by
61 static.foxnews.com video.foxnews.com
static.foxnews.com
27 foxnewsplayer-a.akamaihd.net static.foxnews.com
foxnewsplayer-a.akamaihd.net
26 simage2.pubmatic.com ads.pubmatic.com
20 static.instiengage.com www.westernjournal.com
comment.instiengage.com
18 static.criteo.net ads.eu.criteo.com
17 cm.g.doubleclick.net 8 redirects bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
spl.zeotap.com
www.westernjournal.com
17 platform.twitter.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
platform.twitter.com
15 www.westernjournal.com www.westernjournal.com
14 mwzeom.zeotap.com sync.e-planning.net
spl.zeotap.com
ads.pubmatic.com
11 c.amazon-adsystem.com d3l320urli0p1u.cloudfront.net.
c.amazon-adsystem.com
www.westernjournal.com
foxnewsplayer-a.akamaihd.net
10 ins.connatix.com cd.connatix.com
9 a.audrte.com 4 redirects sync.e-planning.net
a.audrte.com
9 video.twimg.com platform.twitter.com
9 pagead2.googlesyndication.com srcdoc
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
www.westernjournal.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 tpc.googlesyndication.com bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
d3l320urli0p1u.cloudfront.net.
9 capi-tier-1-us-east-2.connatix.com cd.connatix.com
9 ex.ingage.tech 2 redirects df80k0z3fi8zg.cloudfront.net
d3l320urli0p1u.cloudfront.net.
ssum-sec.casalemedia.com
sync.e-planning.net
ads.pubmatic.com
8 match.prod.bidr.io 8 redirects
8 sync.1rx.io 8 redirects
8 pix.eu.criteo.net ads.eu.criteo.com
8 vid.connatix.com cd.connatix.com
cds.connatix.com
8 securepubads.g.doubleclick.net d3l320urli0p1u.cloudfront.net.
www.googletagservices.com
securepubads.g.doubleclick.net
www.westernjournal.com
8 ib.adnxs.com 2 redirects www.westernjournal.com
df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
spl.zeotap.com
ssum.casalemedia.com
8 ads.pubmatic.com d3l320urli0p1u.cloudfront.net.
ads.pubmatic.com
sync.e-planning.net
7 image2.pubmatic.com ads.pubmatic.com
7 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
www.westernjournal.com
7 comment.instiengage.com 3 redirects d3l320urli0p1u.cloudfront.net.
comment.instiengage.com
6 x.bidswitch.net 6 redirects
6 sync-tm.everesttech.net 6 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
6 eus.rubiconproject.com d3l320urli0p1u.cloudfront.net.
eus.rubiconproject.com
sync.e-planning.net
ex.ingage.tech
6 s-img.mgid.com www.westernjournal.com
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
spl.zeotap.com
6 yeet.revcontent.com d3l320urli0p1u.cloudfront.net.
6 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
spl.zeotap.com
www.westernjournal.com
6 www.google-analytics.com d3l320urli0p1u.cloudfront.net.
www.googletagmanager.com
www.westernjournal.com
dashboard.insticator.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
www.westernjournal.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum.casalemedia.com
5 pm.w55c.net 5 redirects
5 cds.connatix.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
5 assets.revcontent.com d3l320urli0p1u.cloudfront.net.
4 uipglob.semasio.net 2 redirects
4 pixel-eu.onaudience.com 4 redirects
4 pr-bh.ybp.yahoo.com 1 redirects ssum.casalemedia.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 event.instiengage.com comment.instiengage.com
4 pbs.twimg.com www.westernjournal.com
platform.twitter.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 fonts.googleapis.com comment.instiengage.com
4 dashboard.insticator.com d3l320urli0p1u.cloudfront.net.
dashboard.insticator.com
4 imasdk.googleapis.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
4 www.google.com www.westernjournal.com
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
d3l320urli0p1u.cloudfront.net.
4 trends.revcontent.com d3l320urli0p1u.cloudfront.net.
4 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
4 ssc.33across.com df80k0z3fi8zg.cloudfront.net
4 c.aaxads.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
c.aaxads.com
4 confiant-integrations.global.ssl.fastly.net d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
4 syndication.twitter.com platform.twitter.com
www.westernjournal.com
4 www.googletagmanager.com d3l320urli0p1u.cloudfront.net.
cdn.segment.com
4 i.clean.gg d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 visitor.fiftyt.com 3 redirects
3 sync.crwdcntrl.net 2 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 ups.analytics.yahoo.com 2 redirects ssum.casalemedia.com
3 secure.adnxs.com 2 redirects ssum.casalemedia.com
3 pixel.rubiconproject.com 1 redirects www.westernjournal.com
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 idsync.frontend.weborama.fr 2 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 trc.taboola.com 2 redirects spl.zeotap.com
3 spl.zeotap.com sync.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net sync.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
3 sync.richaudience.com 1 redirects sync.e-planning.net
spl.zeotap.com
3 api.foxnews.com static.foxnews.com
foxnewsplayer-a.akamaihd.net
3 c.mgid.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 image4.pubmatic.com ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 images.revcontent.com www.westernjournal.com
3 www.facebook.com www.westernjournal.com
3 bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com d3l320urli0p1u.cloudfront.net.
3 static.solutionshindsight.net d3l320urli0p1u.cloudfront.net.
3 sb.scorecardresearch.com 1 redirects d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 www.googletagservices.com d3l320urli0p1u.cloudfront.net.
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
3 ap.lijit.com www.westernjournal.com
df80k0z3fi8zg.cloudfront.net
d3l320urli0p1u.cloudfront.net.
3 fastlane.rubiconproject.com www.westernjournal.com
df80k0z3fi8zg.cloudfront.net
3 partplanes.com d3l320urli0p1u.cloudfront.net.
3 bh.contextweb.com 2 redirects www.westernjournal.com
3 b2cdn.automatad.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
go.automatad.com
2 r.scoota.co 2 redirects
2 sync.ipredictive.com 2 redirects
2 rtb.gumgum.com ads.pubmatic.com
2 ads.playground.xyz 2 redirects
2 pixel-sync.sitescout.com ads.pubmatic.com
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 match.adsby.bidtheatre.com 2 redirects
2 ad.turn.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 aud.pubmatic.com
2 match.bnmla.com ads.pubmatic.com
2 match.deepintent.com ads.pubmatic.com
2 match.taboola.com ads.pubmatic.com
2 green.erne.co 2 redirects
2 core.iprom.net ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 csync.loopme.me 2 redirects
2 rtb-csync.smartadserver.com ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 ps.eyeota.net
2 global.fncstatic.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects sync.e-planning.net
2 beacon.krxd.net spl.zeotap.com
sync.e-planning.net
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 secure-assets.rubiconproject.com 2 redirects
2 s.e-planning.net sync.e-planning.net
2 onetag-sys.com d3l320urli0p1u.cloudfront.net.
sync.e-planning.net
2 ssum-sec.casalemedia.com 1 redirects d3l320urli0p1u.cloudfront.net.
2 sync.e-planning.net 1 redirects d3l320urli0p1u.cloudfront.net.
2 cm.mgid.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
2 cdn.mgid.com www.westernjournal.com
2 d5p.de17a.com 2 redirects
2 cdn.segment.com static.foxnews.com
2 breadbalance.com d3l320urli0p1u.cloudfront.net.
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
2 s0.2mdn.net www.westernjournal.com
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
2 d2s3kjdp77ms5k.cloudfront.net www.westernjournal.com
2 api.solutionshindsight.net d3l320urli0p1u.cloudfront.net.
2 onetag-geo.s-onetag.com d3l320urli0p1u.cloudfront.net.
2 img.connatix.com www.westernjournal.com
2 l3.aaxads.com www.westernjournal.com
2 cdnjs.cloudflare.com go.automatad.com
ads.eu.criteo.com
2 www.aaxdetect.com www.westernjournal.com
c.aaxads.com
2 pixel.quantserve.com 1 redirects www.westernjournal.com
2 adservice.google.com d3l320urli0p1u.cloudfront.net.
2 adservice.google.de d3l320urli0p1u.cloudfront.net.
2 eua.instiengage.com auth.instiengage.com
2 insticator.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 mug.criteo.com www.westernjournal.com
2 gum.criteo.com 1 redirects
2 telemetries.jeeng.com users.api.jeeng.com
2 auth.instiengage.com d3l320urli0p1u.cloudfront.net.
auth.instiengage.com
2 ats.rlcdn.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
2 jsc.mgid.com d3l320urli0p1u.cloudfront.net.
2 connect.facebook.net d3l320urli0p1u.cloudfront.net.
2 capi.connatix.com www.westernjournal.com
cd.connatix.com
2 hbopenbid.pubmatic.com www.westernjournal.com
df80k0z3fi8zg.cloudfront.net
2 script.4dex.io d3l320urli0p1u.cloudfront.net.
2 soapps.net www.westernjournal.com
2 video.foxnews.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
2 d3lcz8vpax4lo2.cloudfront.net d3l320urli0p1u.cloudfront.net.
2 users.api.jeeng.com www.westernjournal.com
users.api.jeeng.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 cr.frontend.weborama.fr 1 redirects
1 c.p2r14.com cdn.watchingthat.net
1 cf-images.us-east-1.prod.boltdns.net
1 vod.foxnews.com foxnewsplayer-a.akamaihd.net
1 liftable-bq-streamer.appspot.com www.westernjournal.com
1 time.akamai.com foxnewsplayer-a.akamaihd.net
1 amp.akamaized.net foxnewsplayer-a.akamaihd.net
1 cdn.watchingthat.net foxnewsplayer-a.akamaihd.net
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 bttrack.com ssum.casalemedia.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ads.yahoo.com www.westernjournal.com
1 id.rlcdn.com www.westernjournal.com
1 px.ads.linkedin.com www.westernjournal.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 nep.advangelists.com 1 redirects
1 i.e-planning.net sync.e-planning.net
1 ssum.casalemedia.com sync.e-planning.net
1 rtb.openx.net sync.e-planning.net
1 pixel.sitescout.com sync.e-planning.net
1 ssc-cms.33across.com d3l320urli0p1u.cloudfront.net.
1 u.openx.net d3l320urli0p1u.cloudfront.net.
1 biddr.brealtime.com d3l320urli0p1u.cloudfront.net.
1 cookie.lmgssp.com d3l320urli0p1u.cloudfront.net.
1 ad-cdn.technoratimedia.com d3l320urli0p1u.cloudfront.net.
1 acdn.adnxs.com d3l320urli0p1u.cloudfront.net.
1 servicer.mgid.com d3l320urli0p1u.cloudfront.net.
1 pixel.onaudience.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 abs-0.twimg.com www.westernjournal.com
1 cdn.syndication.twimg.com platform.twitter.com
1 fonts.gstatic.com fonts.googleapis.com
1 cs.media.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 cms.quantserve.com bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
1 static.hunchme.com comment.instiengage.com
1 c.go-mpulse.net s.go-mpulse.net
1 cdn.revcontent.com www.westernjournal.com
1 protected-by.clarium.io bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.westernjournal.com
1 id.crwdcntrl.net ads.pubmatic.com
1 rtb.nl.eu.criteo.com www.westernjournal.com
1 img.revcontent.com www.westernjournal.com
1 s3.amazonaws.com d3l320urli0p1u.cloudfront.net.
1 signal-beacon.s-onetag.com d3l320urli0p1u.cloudfront.net.
1 lit.connatix.com cd.connatix.com
1 s.go-mpulse.net video.foxnews.com
1 cdn.id5-sync.com www.westernjournal.com
1 secure.cdn.fastclick.net www.westernjournal.com
1 www.google.de www.westernjournal.com
1 get.s-onetag.com d3l320urli0p1u.cloudfront.net.
1 stats.g.doubleclick.net www.google-analytics.com
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 tag.1rx.io df80k0z3fi8zg.cloudfront.net
1 prebid.a-mo.net df80k0z3fi8zg.cloudfront.net
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 static.adsafeprotected.com www.westernjournal.com
1 geo.privacymanager.io d3l320urli0p1u.cloudfront.net.
1 rules.quantcount.com d3l320urli0p1u.cloudfront.net.
1 df80k0z3fi8zg.cloudfront.net d3l320urli0p1u.cloudfront.net.
1 h99w9l39sa.execute-api.us-east-1.amazonaws.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.instiengage.com product.instiengage.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.westernjournal.com
1 certify.alexametrics.com www.westernjournal.com
1 s3-us-west-2.amazonaws.com d3l320urli0p1u.cloudfront.net.
1 secure.quantserve.com d3l320urli0p1u.cloudfront.net.
1 cd.connatix.com 1 redirects
1 prebid.media.net www.westernjournal.com
1 hbx.media.net d3l320urli0p1u.cloudfront.net.
1 d31qbv1cthcecs.cloudfront.net d3l320urli0p1u.cloudfront.net.
1 go.automatad.com 1 redirects
1 run.crtx.info www.westernjournal.com
1 www.googleoptimize.com www.westernjournal.com
1 product.instiengage.com www.westernjournal.com
1 d3l320urli0p1u.cloudfront.net. www.westernjournal.com
697 252
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-14 -
2022-07-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.crtx.info
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
wildcard.foxnews.com
DigiCert SHA2 Secure Server CA		 2021-12-08 -
2022-12-08		 a year crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2022-01-13 -
2023-01-22		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
partplanes.com
R3		 2022-03-11 -
2022-06-09		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
assets.revcontent.com
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
solutionshindsight.net
Amazon		 2022-01-20 -
2023-02-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-03 -
2022-06-01		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
telemetries.jeeng.com
GTS CA 1D4		 2022-04-11 -
2022-07-10		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2021-07-22 -
2022-08-20		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-05-20 -
2022-08-18		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
revcontent.com
Amazon		 2021-08-09 -
2022-09-07		 a year crt.sh
b2cdn.automatad.com
R3		 2022-05-22 -
2022-08-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
akstat.io
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-15 -
2023-04-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
img.revcontent.com
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-22 -
2022-08-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-18 -
2022-08-13		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
cdn.revcontent.com
R3		 2022-05-13 -
2022-08-11		 3 months crt.sh
breadbalance.com
R3		 2022-03-11 -
2022-06-09		 3 months crt.sh
images.revcontent.com
R3		 2022-05-10 -
2022-08-08		 3 months crt.sh
*.hunchme.com
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.lmgssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-19 -
2022-12-21		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
dmp.theadex.com
R3		 2022-04-28 -
2022-07-27		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.eyeota.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
cdn.watchingthat.net
R3		 2022-05-15 -
2022-08-13		 3 months crt.sh
time.akamai.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
live.foxnews.com
R3		 2022-03-18 -
2022-06-16		 3 months crt.sh
*.prod.boltdns.net
Amazon		 2021-11-18 -
2022-12-17		 a year crt.sh
*.p2r14.com
Amazon		 2022-01-22 -
2023-02-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
truffle.bid
R3		 2022-04-16 -
2022-07-15		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh

This page contains 95 frames:

Primary Page: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Frame ID: F1F9D857982CB0CBD0A8F865A36F5C0C
Requests: 190 HTTP requests in this frame

Frame: https://cds.connatix.com/p/163691/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Frame ID: 1E7C4C54BE83BC4A28285656CC17A002
Requests: 34 HTTP requests in this frame

Frame: https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Frame ID: 579F3047A971DAC34990F7D2442C4BAF
Requests: 39 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 6D4EB963283A4104FBCCF44BBD71FF04
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.westernjournal.com
Frame ID: 8FAA60AC036C6BDEA07EF31E4BBE1F33
Requests: 2 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: E1918AA18B2D01FC7B8FC32D7C5D86F0
Requests: 14 HTTP requests in this frame

Frame: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1138806E263914A56E6A5298112F9C39
Requests: 1 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/CV6U8-U7UEK-2PJG8-KJALW-TEX3Y
Frame ID: 2B6B2768E544FF0640D0B98DAA135732
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Frame ID: 0B3896F6561D6F48C3C22FC6B9C71D73
Requests: 31 HTTP requests in this frame

Frame: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7624593F62AD68F81637AE147EA57601
Requests: 10 HTTP requests in this frame

Frame: https://i.clean.gg/1a
Frame ID: 364DCE905454EC5CA9E9EB9B52174C61
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Frame ID: 510726984DA2990C74753030D3998A4D
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Frame ID: C08B3B8F1A1C74B14328823D803B5392
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Frame ID: 8FA820AD198AD012CA00BDA996610238
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Frame ID: 3FE2D561AE70CCD5259E0A13CE7671A2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 258BE1A65CD7E8F854FE3D1FC7D4C86B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 57476657EAF50EF90839D018C770BE0B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C882087D439E3DEF27BF8D56891BEA4A
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Frame ID: DD13DD731474E670F95ACCC32EFF595F
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5C54F970A46D7F1003146E3744ABDB52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B2EE9BA2BFC88BC74D7DA29520110CD5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4070403FF11FADD6B45BA4D1C6CE2FCF
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/plugins/prebid6.20.0.js
Frame ID: EE2A04448542928B0276F2838BB2CEC6
Requests: 1 HTTP requests in this frame

Frame: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC53792ADDA338644FE46DF8DA2C980E
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 7AA0FEED33104FC6261A6317DC7BCBBA
Requests: 1 HTTP requests in this frame

Frame: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Frame ID: 4DC643D0487D0751D4C6DC18C814CCAD
Requests: 22 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: C35728A2A7C33F9FD4C7778B1E4D0081
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 331E1F6801038E6FCCB7CB0895137367
Requests: 9 HTTP requests in this frame

Frame: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Frame ID: B97594C2AE01A9C26FE62CB88D8E0FF2
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 88DD56A1BA6FEFB05D24B8CDAE5B5E06
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Frame ID: 2A1295F0BDD0D29E7AF630DA5FAA040E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc78628e-0db1-4400-a175-f29090861e69&gdpr=0&gdpr_consent=
Frame ID: 55A0382190F122F70F972E390404C9B7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2288197559826090879
Frame ID: 80670089920193AF64D931E21D5373BD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 1AD9DB3A2C9305C134233BB16839E851
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1653476786924747108116
Frame ID: 5152F79693E5F639A29D1206EEA78E90
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/unruly/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=OPTOUT
Frame ID: DEAED5F7FF14E7DB7763DCDD005302B1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 548B1FB34C38EE885F25C919CD2C3597
Requests: 3 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Frame ID: C60711BB2528C69D2187704D9F191C1F
Requests: 12 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.15.0
Frame ID: A531FF9CCD5A229F53AD6B503E4D942D
Requests: 1 HTTP requests in this frame

Frame: https://cookie.lmgssp.com/d459e3c6da768f28b23fc200eeedcdc1.gif?gdpr=0&puid=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Flunamedia%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%5BUID%5D
Frame ID: 6415C4FCFAB4DEFC8DAC02BAA0B7F785
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 5CC434E6D24B08ABF73C4DE8B9063CCE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: 465220F7CC76B820E4886AAAA6857624
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7025AA57DF17AA24E1FEC052C4A1AB62
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Frame ID: 1703C1DB1A4E438DD095EEDD8547AD6F
Requests: 17 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 76E1F1A119BB9C8BFFE4149A192B6275
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Frame ID: 8964A534298131C451848ED92A03821E
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C694e0c7c-b595-44da-8fa0-f57e1eb18dd9&gdpr=0
Frame ID: 22BE5C5AA6DD0C3535525FD5CA0A6AA8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4D2FEB4F86D447CE2CCF19A133ABB2CD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAsyo8U7Or6PeLaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 4C7544D5156DD173353626A3CCBF65A1
Requests: 1 HTTP requests in this frame

Frame: https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Frame ID: 014E801F30991F877C0F8C6733338063
Requests: 65 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 8320D2C977DB1DD53834CCA9E944475D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db1c222e27fbeead5%26uid%3D
Frame ID: AA0C12466382E7392BEDA29B388A1501
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Frame ID: 42171E35F23C946FD0207EA87AAF5ACD
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F590DA2BCB565033BE7268D8C34F5C85
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 59385E17AA06D55B0132634BBDAD9AA6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&cmp=0
Frame ID: DB085560191744D106445237215D83BF
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 9847A5982542505130454453D0A47F87
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=AIHh5Z%2fGncjhZ2fP
Frame ID: A603267CAF52D71155781B168D3556EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 32A35A1BC877A19C2DBAC2A905A7E385
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 843A53B15F00A6DB4E35EE61CB14F0C5
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Frame ID: E3633E3002B74FC83179C4BF63868190
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
Frame ID: 470ED4CAE7E76B9B1D2553F0E5E45AEC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TXW5RZQoSwJe5dA2-RrHTMEbDhs
Frame ID: 2D926CDDD0F804F1C7E4648D8681D2E9
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: DD686FDA3F7D9286A13A4293B52682B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 2C9DC17EE03DC9856260AEA2441875D8
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3C085DE3D836FA77CECE1BF776FC9E51
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: EB68923BC75F9FBDD18D96E1EA09AA18
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 62F0975BA0CFA18DBD25D728B673A4A6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 38B2C5275D7399E67B45F303C946ADD3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: B5EDDBAC60FCD5A485FE372EAB5F8228
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
Frame ID: 1661CD52E3DB01CA03E4B2C482416A8B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ba82e97c-e848-4a88-81f3-3fe8ebd40ab8-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 10BD2C5E44848C53E54F4B37AB616044
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 2D7B2B5E29FB3C268301CBB77C8F7712
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 166C67B6E90D9B5AE9568C5EF2FD07AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Frame ID: 55F4002BD3A0E8BC3934CD52298C491E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
Frame ID: BA277678992BEADFA268EE5CBA76954F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Frame ID: E5184BCAD4D72C1FCFCAEAADA71C0C46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
Frame ID: CB4900C71543D742D5EEF6903BE01140
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xQmU7hs8RSpkSW-o7fFrH8EbDhs
Frame ID: 81CB0D9F42BBBBB0DF2CA340E9FBEBA8
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 80193C4C72F8FBBA8E263B8E4105E516
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: E1FC01041ACD60989BE2DB3C2CDBBD74
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 745A7F411C93D84AF503C482183B6AE8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8A6A09DC84E1F962D876175E6054343C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 2AE1C945408D23D4D2DC831580490E9F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EEA3A76F9E1A45AA66B7429DBF09F12B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 0C678E72FA5343906C81DB847E017091
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
Frame ID: C7A30956F7C29C6D259399DFD42FAE53
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f70e1f77-21db-4bd5-a789-fbb95488b72e-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4E8CDDA88BAEEA02F5828CD5032885FB
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B1C88324005A3F2E57397FB0D5F70727
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: D8B863837A62DB30C9FC555F8E27CBCC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Frame ID: 140BF94CA726FDE3DEFCEFF75338176C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
Frame ID: A837FBF54311C92DF8FB557CEBAD7971
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/pubmatic/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Frame ID: FB4049ED6283170C54A7C81440253481
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=b1c222e27fbeead5&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Frame ID: 77606002A66517567D1D64779E75F941
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=460652799/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.westernjournal.com/rt=ifr
Frame ID: E54D7DA22A0F2A112841AE063D287874
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Robber Ends up Thrown Into Window, 2 Others Flee as Mom-and-Pop Store Family Fight Back With Brutal EfficiencymenuFacebookTwitterShareFacebookTwitterShareFacebookTwitterSharecloseFacebookInstagramLinkedinParlerTwitterYoutubecloseFacebookInstagramLinkedinParlerTwitterYoutube

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

697
Requests

89 %
HTTPS

30 %
IPv6

141
Domains

252
Subdomains

185
IPs

14
Countries

13565 kB
Transfer

33362 kB
Size

162
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://go.automatad.com/geo/OaEAJP/afihbs.js HTTP 301
  • https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
Request Chain 39
  • https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c HTTP 302
  • https://cds.connatix.com/p/163691/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Request Chain 66
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=3ohoXHxVelhlYkYwRURlSm9EaWh5aHM0NUlQVG1tRUxuMFMxZXY3NUdndkp4aFd3VHQ2c3p5aHV2MUdSMVRaL0kzejg0L2ppbXRzZWVzakxSMUtkQUZmb1lvWko2aE1ndHFKS3ArTnNjam1PSTdzSHlIS29ObEhRNmQyM0I5OXFmNFVJMXNIRWw1TE82dE5oS3hFbjNFWGYyTVVvSng4bTRncHg3ZjRQZGlaUkRSbXl0aytSQjZoaStHQkJPWE5iVVd0eUFuREhFbDl3MmRPblNkc2dzcGR5K0poaUhNaEVLUzllZ011OHJHc1Exdkk4d1czMTRiT3JMU3BSYWhaRUlndCtofA&cppv=2
Request Chain 71
  • https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1653476782700&ns_c=UTF-8&cv=3.5&c8=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&c7=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1653476782700&ns_c=UTF-8&cv=3.5&c8=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&c7=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&c9=
Request Chain 97
  • https://comment.instiengage.com/live/loader/loader.js HTTP 301
  • https://static.instiengage.com/app-loader/static/loader.js
Request Chain 294
  • https://comment.instiengage.com/live/comments/static/app.js?v=0.0.75 HTTP 301
  • https://static.instiengage.com/app-comments/app.js?v=0.0.75
Request Chain 319
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cver=1&google_push=AYg5qPIrYkLUjYjNnDv9cty-hIyHe5VpeB6-TLP0oOb40zL61nMgVZVCYANbxj5q4dBmSfrequ9YLUlrINQvtpebKYHebJUhgj64 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cver=1&google_push=AYg5qPIrYkLUjYjNnDv9cty-hIyHe5VpeB6-TLP0oOb40zL61nMgVZVCYANbxj5q4dBmSfrequ9YLUlrINQvtpebKYHebJUhgj64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDh3T2tuWHAxTlRPUXA1&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cver=1&google_push=AYg5qPIrYkLUjYjNnDv9cty-hIyHe5VpeB6-TLP0oOb40zL61nMgVZVCYANbxj5q4dBmSfrequ9YLUlrINQvtpebKYHebJUhgj64
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDlasJ34J2KDPr5LIjY-kRY&google_cver=1&google_push=AYg5qPIUQb3IzVW4eFcUI0QXSc3wjBR80feb6rzqoRgmtpk0rdUD-7dHsvIWp7RuNhcXcDtcQZ3o8uVZljL0iF-BJT7qJkrw6KH2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIUQb3IzVW4eFcUI0QXSc3wjBR80feb6rzqoRgmtpk0rdUD-7dHsvIWp7RuNhcXcDtcQZ3o8uVZljL0iF-BJT7qJkrw6KH2
Request Chain 322
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH7D_keeAGtATvzCnEFtVzA&google_cver=1&google_push=AYg5qPJ_KC3TD98Sq8ToKlwacxbL79II3y6ys17uKRqf-mjlAQZBmjFTDdnGJdsj81JacqVbocmvihwUBMo3s-tUL7PEUTWZ54WS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJ_KC3TD98Sq8ToKlwacxbL79II3y6ys17uKRqf-mjlAQZBmjFTDdnGJdsj81JacqVbocmvihwUBMo3s-tUL7PEUTWZ54WS
Request Chain 323
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBb7NN7B_Zze-CHYRBXioIE&google_cver=1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1653476785390 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP&google_hm=
Request Chain 324
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGLu3QZTJivodHxQkeTKuUk&google_cver=1&google_push=AYg5qPI7WHE7m3zbUjqV21xmHMyODgtLrSh3afw1u5NZZxJdbFZhK46OPIKbopUr4uRNSnnNVIjWBnFpsWdkihOfNto9P2TMfnSr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&mn_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI7WHE7m3zbUjqV21xmHMyODgtLrSh3afw1u5NZZxJdbFZhK46OPIKbopUr4uRNSnnNVIjWBnFpsWdkihOfNto9P2TMfnSr&gdpr=&gdpr_consent=
Request Chain 393
  • https://comment.instiengage.com/live/community/static/app.js?v=0.0.42 HTTP 301
  • https://static.instiengage.com/app-community/app.js?v=0.0.42
Request Chain 413
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Request Chain 414
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc78628e-0db1-4400-a175-f29090861e69&gdpr=0&gdpr_consent=
Request Chain 415
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2288197559826090879
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PDuyILn7SjqIifQXfAUdLw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 418
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc78628e-0db1-4400-a175-f29090861e69
Request Chain 419
  • https://pixel.onaudience.com/?partner=214&mapped=3C3BB220-B9FB-4A3A-8889-F4177C051D2F HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0MzQkIyMjAtQjlGQi00QTNBLTg4ODktRjQxNzdDMDUxRDJG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKYPJAOT5ob3JGv2uBhX8k&google_cver=1
Request Chain 423
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3101216839812627722
Request Chain 425
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2205566270350662059&gdpr=0&gdpr_consent=
Request Chain 426
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y
Request Chain 451
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1653476787196 HTTP 302
  • https://ex.ingage.tech/v1/syncPage/unruly?uid=OPTOUT HTTP 302
  • https://ex.ingage.tech/v1/sync/unruly/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=OPTOUT
Request Chain 453
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID HTTP 302
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Request Chain 461
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Request Chain 476
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Db1c222e27fbeead5 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Request Chain 477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db1c222e27fbeead5%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b1c222e27fbeead5&uid=2205566270350662059
Request Chain 479
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 487
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB&dcc=t
Request Chain 488
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo4Ns5yoAZWb3DBaVKB9pgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECpSyGWuUyHG4R9PVUCpLvI&google_cver=1&gdpr=1
Request Chain 489
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-388ff068-6f50-4b07-b593-76ad57dd0602
Request Chain 490
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 498
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 503
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b2c9a8de-287e-4ab0-b8ec-a9509daff152&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 509
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4779416c-7bec-4958-9a86-4fba10c267eb&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 510
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=72094b8e-cc65-4554-7702-c21a30964717&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=72094b8e-cc65-4554-7702-c21a30964717&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=21781525640432367874033364658726620190&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 512
  • https://bn01.er.bemail.it/zeotap.php?_bid=72094b8e-cc65-4554-7702-c21a30964717&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022052513-15519-0.773852001653476786-a7370635ceb5b7e33c0035623ef8fb65&zdid=533&env=mWeb
Request Chain 513
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7101628724870248595&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 514
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=72094b8e-cc65-4554-7702-c21a30964717 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=72094b8e-cc65-4554-7702-c21a30964717
Request Chain 515
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=72094b8e-cc65-4554-7702-c21a30964717&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=72094b8e-cc65-4554-7702-c21a30964717&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361&bounce=1&random=4208105806 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=depC414p1jkV6dEWA4unvO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 517
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=72094b8e-cc65-4554-7702-c21a30964717?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=72094b8e-cc65-4554-7702-c21a30964717?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 518
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-4ztZsMhE2oqDspcqmFwBeWoAyqKbVf9BpQ--~A&zpartnerid=570&env=mWeb
Request Chain 519
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqKewetex49sbljCKx4VuI7%2F%2BS41iYitP1U%3D
Request Chain 522
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361&_test=Yo4NswAD8EypMQAo HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yo4NswAD8EypMQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&_test=Yo4NswAD8EypMQAo
Request Chain 523
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=dc78628e-0db1-4400-a175-f29090861e69&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 524
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 525
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&dcc=t
Request Chain 527
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Request Chain 532
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gX6MhtjIw0P71B1mlN6H4Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3321768456275391090
Request Chain 533
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NuYx-_rUTYC8H_u5e7dqAQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NuYx-_rUTYC8H_u5e7dqAQ
Request Chain 534
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3LHDUOW-V-HYX3
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDxgcNRo0X0hoDSrSrVcRgg&google_cver=1
Request Chain 537
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3LHDUOW-V-HYX3&sigv=1&esig=2~623cef7a32bc6bde8f0816134c0ef89aed647afb
Request Chain 538
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGQ5NGEwMjJhY2FjMjVjYTU1NGZhNTBkZmZiZTQ4MTE0ZDBkOWM5OA
Request Chain 544
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yo4NswAD8KmomQAo HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yo4NswAD8KmomQAo&gdpr=1&_test=Yo4NswAD8KmomQAo
Request Chain 548
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=H8wOknXp1NTOQp5&gdpr=1
Request Chain 551
  • https://global.fncstatic.com/static/v/all/js/ads.js HTTP 301
  • https://static.foxnews.com/static/v/all/js/ads.js
Request Chain 582
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=&google_gid=CAESECoB5mC7zddsCD7Lcvj7sZQ&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 584
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=712156065992100998 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=
Request Chain 600
  • https://global.fncstatic.com/static/isa/app/lib/VisitorAPI.orig.js HTTP 301
  • https://static.foxnews.com/static/isa/app/lib/VisitorAPI.orig.js
Request Chain 633
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Request Chain 634
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
Request Chain 635
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TXW5RZQoSwJe5dA2-RrHTMEbDhs
Request Chain 636
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFELTBrN0ZIQnNBQUV0YWNnNnVlUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGj5k7FHBsAAEmb48_3BQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGj5k7FHBsAAEmb48_3BQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 637
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 640
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1653476790183 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 641
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 643
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=972f202ef65afcf1/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRTXMXaXnMUVgMjMb HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRTXMXaXnMUVgMjMb HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
Request Chain 644
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ba82e97c-e848-4a88-81f3-3fe8ebd40ab8-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 647
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Request Chain 648
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
Request Chain 649
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
Request Chain 650
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 652
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F HTTP 302
  • https://a.audrte.com/p
Request Chain 654
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
Request Chain 655
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fab8b569-83e5-4975-b199-101a3ee87ffe HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fab8b569-83e5-4975-b199-101a3ee87ffe HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=0b185867-8420-4e41-97b8-b03192d4516e&ssp=pubmatic&expires=30&user_group=5&bsw_param=fab8b569-83e5-4975-b199-101a3ee87ffe HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 656
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2957325134359435425&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 657
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4ca9e53d-2c48-4602-9b69-5f4c3e63c1d6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 660
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
Request Chain 662
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bb00e100-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Request Chain 663
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr= HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
Request Chain 664
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 666
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F HTTP 302
  • https://a.audrte.com/p
Request Chain 667
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Request Chain 669
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
Request Chain 670
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a2e13459-fd3b-4370-a497-24c442dc36a0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 671
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
Request Chain 672
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xQmU7hs8RSpkSW-o7fFrH8EbDhs
Request Chain 673
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8145471905090246817&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 674
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a4c8b4a-de05-4707-868d-23f938b5907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 676
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHajVrN0ZIQnNBQUVtYjQ4XzNCUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGj5k7FHBsAAEmb48_3BQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGj5k7FHBsAAEmb48_3BQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 677
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 681
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1653476790263 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 682
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 684
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=972f202ef65afcf1/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRTXMXaXnMUVgMjMb HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRTXMXaXnMUVgMjMb HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
Request Chain 685
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f70e1f77-21db-4bd5-a789-fbb95488b72e-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 686
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
Request Chain 690
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bafdd391-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Request Chain 691
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Request Chain 692
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
Request Chain 697
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3C3BB220-B9FB-4A3A-8889-F4177C051D2F

697 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/ 		237 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c90b1c69476f2db6294323a60dd7cc36da501c7f60dad9a97990babfb87ef6c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=1800
cf-cache-status
MISS
cf-ray
710dcd164c0101f4-ZRH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 11:06:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 25 May 2022 11:06:21 GMT
link
<https://www.westernjournal.com/wp-json/>; rel="https://api.w.org/" <https://www.westernjournal.com/wp-json/wp/v2/posts/3026586>; rel="alternate"; type="application/json" <https://www.westernjournal.com/?p=3026586>; rel=shortlink
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
script.js
d3l320urli0p1u.cloudfront.net./ 		117 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3l320urli0p1u.cloudfront.net./script.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:d:99dd:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5743da1c5df75bcf9c6d7f48b2f1c798652ee675e433a7b5f4af269a924c3fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:03:04 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 09:37:54 GMT
server
AmazonS3
age
199
etag
W/"b17eb694c93292d51d35a4412300e813"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
U62pEYEK0B5RtVlqxyQURBhjXFGQxlmr72ujQxFUHhZCTIpPvrec5w==
classic-main.css
www.westernjournal.com/wp-content/themes/firefly/assets/css/ 		60 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-content/themes/firefly/assets/css/classic-main.css?ver=2.0-1641232671
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26946852fe38cd34ff4e70cac90f08e721f88421433cdc8e39fcf0e0486b4ba9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Jan 2022 17:57:51 GMT
server
cloudflare
age
856
etag
W/"61d3391f-ee22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
710dcd1fec7701f4-ZRH
cf-bgj
minify
prebid.js
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 		290 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df1bfdeb4012eb958a83f652311e16d8f2e1a20a59b47eef7994078fa8ed5218
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 21:32:42 GMT
server
cloudflare
age
856
etag
W/"621d3f7a-48849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
710dcd205d4b01f4-ZRH
9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
product.instiengage.com/product-loader-code/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71eb79f43875ee192ac190979a2a3bfab225f89ac544d048f767c1b5f5c55f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:03:40 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 16:47:40 GMT
server
AmazonS3
age
163
etag
W/"0b6f6f00493b819ae7c9ff901fa8f5b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
yTjGo4K_SWEFBowI9uEMpumlOVqEjqtu
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
leqjbDu3ga4f8AJLUftlcn8346Bmzsf_eBp_b8MIlQV7grCjRgPxHg==
optimize.js
www.googleoptimize.com/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WL75GFT
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6383b9928aad6d49105da8696262ef78f70a9e0bb469396bdaf90361e58078e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41243
x-xss-protection
0
expires
Wed, 25 May 2022 11:06:22 GMT
track.min.js
run.crtx.info/ 		103 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://run.crtx.info/track.min.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fe00:14:248f:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 04:28:51 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
last-modified
Mon, 15 Feb 2021 22:14:47 GMT
server
AmazonS3
age
23852
etag
"f88a765c6ea3dacc55ca6ed581e54f1f"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
105945
x-amz-cf-id
R4riE9O9XIhzD9IuE9WU06bFMGghqhf7rCMu9Tfe0E4XAVjXb_ar5Q==
/
users.api.jeeng.com/users/domains/VAM4nzne41/sdk/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/VAM4nzne41/sdk/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
49bf7ca24faa57eb3661e6934fb19fb17b2ef808ee65c65cfbb9c76184564710

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
734
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"587cf-dH+2uIQVsMBIlnWK5p6IDU1fHQU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-cloud-trace-context
6ba442c8a2459d3c2b0b1bed86eb9a81
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
cf-ray
710dcd227c479b8c-FRA
x-amz-cf-id
A8TjClxGVXxJ2j8mzzd738exKQ8JsGeuXayqWbOQARBarsnHVSp5Vw==
afihbs.js
b2cdn.automatad.com/geo/OaEAJP/all-geo-W/
Redirect Chain
  • https://go.automatad.com/geo/OaEAJP/afihbs.js
  • https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
41f64ed4dae4ed5a43f286576fe8f0c483faaec3adb7758cbaa80b761e26f68b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
x-openstack-request-id
tx16dc465e1f774d758cb97-00625535de
cdn-edgestorageid
887
access-control-allow-origin
*
x-iplb-instance
28795
cdn-cachedat
04/23/2022 13:35:55
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx16dc465e1f774d758cb97-00625535de
server
BunnyCDN-CZ1-887
x-timestamp
1649750563.52547
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 12 Apr 2022 08:02:44 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-iplb-request-id
B95D01F1:903B_8E2CE366:01BB_625535DD_18AD0EC:23082
vary
Accept-Encoding
x-object-meta-mtime
1648045605.996150093
cdn-cache
REVALIDATED
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
7571810cee5e3d471c86a76e70dcae51
content-type
application/javascript
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Wed, 25 May 2022 11:06:22 GMT
server
nginx/1.17.8
content-type
text/html; charset=utf-8
location
https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
cache-control
no-cache
x-automatad-country
DE
content-length
93
expires
Wed, 25 May 2022 11:06:21 GMT
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 25 May 2022 11:06:22 GMT
server
nginx/1.21.6
via
1.1 google
gtm.js
www.googletagmanager.com/ 		170 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62225a936cd460edc9967db0a7909d1f65c3a4a2bab80814901d7dc7dccb0db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49787
x-xss-protection
0
last-modified
Wed, 25 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 11:06:22 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158410/3599/ 		167 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:39:57 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421c11-29a3b-5cd3b9c953a17"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=151675
accept-ranges
bytes
content-type
text/javascript
content-length
54751
expires
Fri, 27 May 2022 05:14:17 GMT
9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6a00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcb33771d5d75a3e6bc8ea05e903ea0bf2a76c143cc75563677b5b173d37efc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
kr61CAf7YCSHpU23ZG4g2NkjYbD.xh5T
content-encoding
br
last-modified
Fri, 13 May 2022 16:29:55 GMT
server
AmazonS3
age
49
etag
W/"cdfc72fcdf55f539a37df7f4066d026c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 25 May 2022 11:05:33 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TVwpi3_hx6FcKD08WmrTAFMaKiFq7x6pTLv5QIe50MyXYZU0y1pzcw==
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-58.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
6485242
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
aeFbNcUE6aIQyx8QRDkzMAUEYWIXbKCCpXDWJBbEEUlI6HNmvsVG_g==
wj-logo-white.svg
www.westernjournal.com/wp-content/uploads/2022/05/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/wj-logo-white.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107efb180fdc839cd0c0d138c64525679bfe24d23a45dfe2d707a3d9ec03ed16
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 10:03:49 GMT
server
cloudflare
age
521367
etag
W/"62861605-147f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
710dcd212e8201f4-ZRH
wj-logo-blue.svg
www.westernjournal.com/wp-content/uploads/2022/05/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/wj-logo-blue.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f3e01f5c6b35ee75f07456af79f93e9477f1d0e167a6d82b11995a9967506c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 10:03:51 GMT
server
cloudflare
age
521367
etag
W/"62861607-147f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
710dcd212e8401f4-ZRH
Portrait-150x150.jpg
www.westernjournal.com/wp-content/uploads/2021/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2021/04/Portrait-150x150.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17deb6e732f2018ebd4c78f5ec12c468c697ffc43ab3407a3d470d4e1121de0d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept
cf-cache-status
HIT
age
761
cf-polished
origFmt=jpeg, origSize=6534
content-disposition
inline; filename="Portrait-150x150.webp"
content-length
5620
last-modified
Fri, 09 Apr 2021 14:31:41 GMT
server
cloudflare
etag
"6070654d-1986"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd212e8701f4-ZRH
cf-bgj
imgq:100,h2pri
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Age
700
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:06:46 GMT
Server
ECS (amb/6B8E)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
embed.js
video.foxnews.com/v/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.foxnews.com/v/embed.js?id=6306718389112&w=466&h=263
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:696::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache / PHP/5.2.10
Resource Hash
40e96d7634ea6db5e2e5a9a3e116c51893ab48b544b217cba7827511a42efc6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
keep-alive
X-Powered-By
PHP/5.2.10
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age
86400
Cache-Control
max-age=181
Access-Control-Allow-Credentials
false
Server-Timing
cdn-cache; desc=HIT, edge; dur=149
Access-Control-Allow-Headers
*
Content-Length
555
bundle.js
soapps.net/live/loader/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.141.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-141-237.compute-1.amazonaws.com
Software
/
Resource Hash
d5971f631d8c4068fb7c19eccc9d738ef13785a1fe5c22184a394b5bf5f5130c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 18 May 2022 15:18:18 GMT
ETag
W/"62850e3a-4412"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
counter.js
soapps.net/live/loader/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/counter.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.141.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-141-237.compute-1.amazonaws.com
Software
/
Resource Hash
43f89f7fc4aabb3e5fe28b7c5ad63d387be7b1312833b8e59586a34dbe23c995
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 18 May 2022 15:18:18 GMT
ETag
W/"62850e3a-66bc"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
set.aspx
bh.contextweb.com/bh/ 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
de-DE
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-686468cdff-kxc5g
expires
-1
global-min.js
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1648748805
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3e8a92ee4b87659bc5cf4b6acb66f72b854337fbbe60802dfd4e6d55ae8642
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 31 Mar 2022 17:46:45 GMT
server
cloudflare
age
855
etag
W/"6245e905-18498"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
710dcd212e8a01f4-ZRH
wp-embed.min.js
www.westernjournal.com/wp-includes/js/ 		1 KB
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Feb 2021 22:40:03 GMT
server
cloudflare
age
855
etag
W/"601b2643-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
710dcd20ee1a01f4-ZRH
v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM
partplanes.com/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
a8d954805d2f201457ff80369efba6555678a0049f0da5156e12f940c440778e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"35d37e2d045677ec844c2ef30fad6ff1af83ae061187ef83d5b0b6385cb9556d"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 25 May 2022 11:06:22 GMT
x-buildnumber
541459873
timing-allow-origin
*
bidexchange.js
hbx.media.net/ 		571 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CUYW0S8R&version=5.1&dn=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8b69648b96cfb7a9d0ceb6f650c0215466c91ed4f52e270574ca622b099c113
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Wed, 25 May 2022 11:36:22 GMT
localstore.js
script.4dex.io/ 		483 B
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1869
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADXOMi7mRpB03Z8PgpNbyJTFcSWWM2PxRsNOb2RgIV6WjOC2rKa4SuOLvS2i8qoHWkwUTxZbWkeHYU071d4cqY69PFX76goCWivi4K5zAilZL%2FPX%2FSnkW0c9iA7OXF62aebyWfptir5jURMU"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
710dcd2308593745-MXP
expires
Wed, 25 May 2022 11:36:22 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14758&site_id=362618&zone_id=1963056&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=6cdc4f16-1e5d-4f07-9441-3c37ee06046e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5803049484495229
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9a288c93b1defbbbf5cd22f141fc2898e38edcd5c222b2c326ddc49aa67bae04

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2365
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14758&site_id=362618&zone_id=1963100&size_id=15&alt_size_ids=221&rf=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&tk_flint=pbjs_lite_v4.12.0&x_source.tid=f75e1e1c-85c5-4877-a423-b11dc2b5a25f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.42230784504758234
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a2244f2f39b38ed2ffbe0d88584c6681e464247e1bcc85bb5cfa553ed409e5bb

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
2335
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
26f7affdd3cdcb2a9a3ed9b935009b5b3b9c610ab5800a3f2554341e4143dd36
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f14fceff-da49-4067-aaf8-7761d74bd961
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		94 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.12.0
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
c8f3c3fdf4e51cef18bad6854ee5797ad671a8222f40e0ee1c1ecc7d4046086b

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.westernjournal.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
prebid.media.net/rtb/ 		338 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8Y0E88
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1646083962
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
439f25cc4930bea9d7fc5f138a4922527b246f281128f616a45483298e50ae1a

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88d775a95cd0d49c6c4e5c3d7d1b442bd055e01cc38504b4b793a6e46890b21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28684
x-xss-protection
0
server
sffe
etag
"1225 / 918 of 1000 / last-modified: 1653474567"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 May 2022 11:06:22 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:55:15 GMT
content-encoding
gzip
etag
W/"cc07895b7b7c30a55c948b849ccd5e56"
last-modified
Tue, 24 May 2022 19:53:02 GMT
server
AmazonS3
age
667
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront), 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C1, FRA50-C1
x-amz-cf-id
-WffQ0f_GCnz2irJ-wM_A1bI2tMcW1gSGdC3VCEsK_EyxF-CkqQ6Eg==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 03:16:50 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
32506
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kHAewCYWMB6UzjnBI6OtxJFBXr8ML0Fks1P_ShbpCvjRNxGm3lWyIQ==
delivery.js
assets.revcontent.com/master/ 		151 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7645547953b705cc8ce18203032546158063657a0bd8d256f82d4d91b4541ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 17:09:34 GMT
server
AmazonS3
x-amz-request-id
PVVVZ2P3QXWKVTV9
etag
"9796a569b0cbfc6121cb22e10dc86293"
x-hw
1653476782.cds313.lo4.hn,1653476782.cds072.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
48555
x-amz-id-2
goE3zIsxZhnzqezWUU7OzkounpKJ7VJ5jhLmBVikP2Eo1qVpVXdSuojMmvH1fPv6zHlf7eYl63M=
si
capi.connatix.com/tr/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=360e998e-de7b-4e4c-a145-dc1919ba2590&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64c9643eb0abaefbd603f4f5115b09882c7fe3979cf51aaec99557ec09ac8753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 19:38:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"dc15035050be67a0ea6026947c9cf8cf"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
no-cache
accept-ranges
bytes
content-length
24598
x-amz-cf-id
ZBlOv3EUPAt87x7ZTCqFpdcWayDL4tKcQqFlKEN9fyhnZZeW2kUnrA==
connatix.player.dc.js
cds.connatix.com/p/163691/ Frame 1E7C
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
  • https://cds.connatix.com/p/163691/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
890 KB
208 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/163691/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32d1c316765881cc94ccbe2ea9d19cab52f1282a814e67249315de45566e9ac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 08:34:48 GMT
age
8812
etag
"70170c23ff5bfe298e66c18a33d601ea"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
212667

Redirect headers

location
https://cds.connatix.com/p/163691/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
date
Wed, 25 May 2022 11:06:22 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
Michael-and-Robbie-Phillips-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/Michael-and-Robbie-Phillips-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70bb11662604b3fce7985f117170c0948ef581759c41e8b4f3214a02db887945
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
71010
cf-polished
origSize=35754, status=webp_bigger
content-length
31355
last-modified
Tue, 24 May 2022 14:40:26 GMT
server
cloudflare
etag
"628cee5a-8baa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218efc01f4-ZRH
cf-bgj
imgq:100,h2pri
Pauline-Stuart-and-son-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/Pauline-Stuart-and-son-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4788d71adb2cf6e85caf38fbc761e189b0f0f462f0b597308bb4c7e1d112b900
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
68171
cf-polished
origSize=31932, status=webp_bigger
content-length
27639
last-modified
Tue, 24 May 2022 14:21:30 GMT
server
cloudflare
etag
"628ce9ea-7cbc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218f0101f4-ZRH
cf-bgj
imgq:100,h2pri
US-map-electricity-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/US-map-electricity-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71dea17a3db76d8ec32cf1a0cade1c392119ae7459a880aae1fa78bb8f22b992
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
54826
cf-polished
origSize=24180, status=webp_bigger
content-length
19983
last-modified
Tue, 24 May 2022 18:39:43 GMT
server
cloudflare
etag
"628d266f-5e74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218f0401f4-ZRH
cf-bgj
imgq:100,h2pri
Conways-Ivanka-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/Conways-Ivanka-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f9639c4d344af259aebcc457aaf2b825727820d81c7db3808129148684cd56
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
57908
cf-polished
origSize=37048, status=webp_bigger
content-length
32453
last-modified
Tue, 24 May 2022 17:59:43 GMT
server
cloudflare
etag
"628d1d0f-90b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218f0501f4-ZRH
cf-bgj
imgq:100,h2pri
Rebecca-Parson-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/Rebecca-Parson-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceca0c3e2a9d9e54953aff6d1694bfcef913cd1e8c230236e360f540b6ca655
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
77744
cf-polished
origSize=26031, status=webp_bigger
content-length
21932
last-modified
Tue, 24 May 2022 13:12:31 GMT
server
cloudflare
etag
"628cd9bf-65af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218f0801f4-ZRH
cf-bgj
imgq:100,h2pri
Catholic-Church-v-Pelosi-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/Catholic-Church-v-Pelosi-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35cde474cfe63eec00ec7ad0ea7afc9959eebe8a6d84b35511079964ce149ddb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
55824
cf-polished
origSize=30289, status=webp_bigger
content-length
26133
last-modified
Tue, 24 May 2022 15:37:00 GMT
server
cloudflare
etag
"628cfb9c-7651"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218f0d01f4-ZRH
cf-bgj
imgq:100,h2pri
Abanoub-Zakaria-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/05/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/Abanoub-Zakaria-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f78fe5c2049ab339d5e71ab4e146891aa95b4c89afab213bfa76be801d865e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
35117
cf-polished
origSize=24034, status=webp_bigger
content-length
19952
last-modified
Tue, 24 May 2022 21:33:20 GMT
server
cloudflare
etag
"628d4f20-5de2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
710dcd218f0e01f4-ZRH
cf-bgj
imgq:100,h2pri
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DCR5CPLYCJ&l=dataLayer&cx=c
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c10294759361db406bc439858fda55836039fcdafc10f1d14030ca6ad4c8cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70433
x-xss-protection
0
expires
Wed, 25 May 2022 11:06:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5496
date
Wed, 25 May 2022 09:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 25 May 2022 11:34:46 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
uqV60nfWmNjLH+qkcRCnNdHTcpAATcx6RYtQw09N8EAeFdufrA7eIrv1NoYb2BGM4GzSFSv5FU7+KzxUOMYUww==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 25 May 2022 11:06:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
video-embed.html
video.foxnews.com/v/ Frame 579F 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:696::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache / PHP/5.2.10
Resource Hash
e0c17714481585743b5f37cd468ed3c166bb9e05afbb9511c68e4c7e0da28225

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
Access-Control-Max-Age
86400
Cache-Control
max-age=162
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3123
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 May 2022 11:06:22 GMT
Server
Apache
Server-Timing
cdn-cache; desc=HIT edge; dur=103
Vary
Accept-Encoding
X-Akamai-Transformed
9 1419 0 pmb=mRUM,1
X-Powered-By
PHP/5.2.10
westernjournal.com.1280823.js
jsc.mgid.com/w/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/e/westernjournal.com.1280823.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c207905f09165dabe9c7913f5cf3540c0e02adbacd0b1c65ef1be3b20b5745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
age
2010
last-modified
Thu, 19 May 2022 10:38:39 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NA34NWGVP2QHMREW
x-amz-id-2
xY4IK4eWX1hw3I6SS5o2HNIN07ysUn/0UJlc1IBkJHmekLoU7W3GS3FJJB27q+7A32Ni7QP35Jg=
cf-bgj
minify
server
cloudflare
etag
W/"d13e27d3d95ca6dbc4e353d905c31923"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
l45Gs2.nQQIMIbpOGqsqo9SKPvP_oKj1
cf-ray
710dcd23dd23408d-CDG
expires
Wed, 25 May 2022 14:06:22 GMT
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-16.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
81359
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Tue, 24 May 2022 12:30:24 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
EjLl4PHtXLX7JUAGIoXQV_5CgDpPtqnT4zz2njvc69zHEvHjB9Yr8w==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 01 Jun 2022 11:06:22 GMT
getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DCR5CPLYCJ&gtm=2oe5n0&_p=366568556&_z=ccd.NNB&cid=1784532977.1653476782&ul=en-us&sr=1600x1200&_s=1&sid=1653476782&sct=1&seg=0&dl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&dt=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DCR5CPLYCJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&time=1653476782509&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&random_number=11298255816&sess_cookie=97eb7b07180fae571ac6d03f426&sess_cookie_flag=1&user_cookie=97eb7b07180fae571ac6d03f426&user_cookie_flag=1&dynamic=true&domain=westernjournal.com&account=C1z2k1acFH002c&jsv=20130128&user_lang=en-US
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 03:48:39 GMT
Via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
26264
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
XgpKAHB7i6u-IsxC-ZW97Jzpl5lwI0SyNc_EJi05V6OR-mHtjXL0MQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:bc:1202:2958:48a5:15cf:db06 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
server
Server
/
geoip.instiengage.com/json/ 		240 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash
e59b06972fa5e7cdb4ac416c049d051fd6fbeafe1b8d80ef52e147faac27e1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:22 GMT
access-control-allow-credentials
true
x-database-date
Wed, 25 May 2022 03:17:20 GMT
content-length
240
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 6D4E 		73 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
136
content-length
73
content-type
text/html
date
Wed, 25 May 2022 11:04:10 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-id
tQsqDEA8UfCENY24vd1JFEY3jy9MmhKBS057J1aaT7lPzuBbQqoa2Q==
x-amz-cf-pop
FRA50-C1
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
f7060245-2280-4168-a5a7-87f79f9d0e3e.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ 		156 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/f7060245-2280-4168-a5a7-87f79f9d0e3e.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6a00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ff7aa968d0a73bed3a005cce5f879c67967ea06f7daa04e8de3942b186f74cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
CGsOsWDgXOgJwJGWu4yXUE8JN.1g_saJ
content-encoding
br
last-modified
Fri, 13 May 2022 16:29:52 GMT
server
AmazonS3
age
49
etag
W/"e639c2ea426af9e6d26a19f54892c397"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 25 May 2022 11:05:34 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
AYpysBNsXG5k_IJXcSPOMyN2C1mfII54YsqFGBtWzS7n3HxxGqdFug==
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame 8FAA 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7B) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
62250
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Wed, 25 May 2022 11:06:22 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Sun, 15 May 2022 20:03:39 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B7B)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 May 2022 11:06:22 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
30 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/VAM4nzne41/sdk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
via
1.1 google
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
entities
users.api.jeeng.com/ 		81 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/entities?description_md5=6880f508fc4d016e32087c17686a358d&domain_id=VAM4nzne41&image_url_encoded_md5=8cd5151ab9f63ce296c0d60e7b44bfae&image_url_md5=8cd5151ab9f63ce296c0d60e7b44bfae&published_at_md5=699996170e3438ce779f59bafede6dd0&read_only=false&sdk_version=5.9&title_md5=818f60134f220fd4595c3f95ce49906a&url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/VAM4nzne41/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6264e6620ba1cf0e75686f823117f332c3c165341f76eeb220eb116ec8f98808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
via
1.1 2a449514cebabcf6ab64b86d6a229cfe.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
age
82
x-powered-by
Express
x-cache
Hit from cloudfront
content-encoding
gzip
server
cloudflare
etag
W/"51-kFM3Txo7cjpBRznpsKq0R6U3cQU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f798d17cf32409c275ac8c66b3dca43b
cache-control
max-age=3600
x-amz-cf-pop
TXL50-P2
cf-ray
710dcd237a81cc56-ZRH
x-amz-cf-id
Rkf5ZjPnNlT4EBlb8pXxN7K83usub5Lihm2qsyhg6w_dwMCw1wM0MQ==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 25 May 2022 11:06:22 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1242
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=3ohoXHxVelhlYkYwRURlSm9EaWh5aHM0NUlQVG1tRUxuMFMxZXY3NUdndkp4aFd3VHQ2c3p5aHV2MUdSMVRaL0kzejg0L2ppbXRzZWVzakxSMUtkQUZmb1lvWko2aE1ndHFKS3ArTnNjam1PSTdzSHlIS29ObEhRNmQyM0...
358 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3ohoXHxVelhlYkYwRURlSm9EaWh5aHM0NUlQVG1tRUxuMFMxZXY3NUdndkp4aFd3VHQ2c3p5aHV2MUdSMVRaL0kzejg0L2ppbXRzZWVzakxSMUtkQUZmb1lvWko2aE1ndHFKS3ArTnNjam1PSTdzSHlIS29ObEhRNmQyM0I5OXFmNFVJMXNIRWw1TE82dE5oS3hFbjNFWGYyTVVvSng4bTRncHg3ZjRQZGlaUkRSbXl0aytSQjZoaStHQkJPWE5iVVd0eUFuREhFbDl3MmRPblNkc2dzcGR5K0poaUhNaEVLUzllZ011OHJHc1Exdkk4d1czMTRiT3JMU3BSYWhaRUlndCtofA&cppv=2
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4fe8ed02184e61ac93a668fe114ab2bf01851b3c2beecd497ac0a43996f066bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3347
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:22 GMT
location
https://mug.criteo.com/sid?cpp=3ohoXHxVelhlYkYwRURlSm9EaWh5aHM0NUlQVG1tRUxuMFMxZXY3NUdndkp4aFd3VHQ2c3p5aHV2MUdSMVRaL0kzejg0L2ppbXRzZWVzakxSMUtkQUZmb1lvWko2aE1ndHFKS3ArTnNjam1PSTdzSHlIS29ObEhRNmQyM0I5OXFmNFVJMXNIRWw1TE82dE5oS3hFbjNFWGYyTVVvSng4bTRncHg3ZjRQZGlaUkRSbXl0aytSQjZoaStHQkJPWE5iVVd0eUFuREhFbDl3MmRPblNkc2dzcGR5K0poaUhNaEVLUzllZ011OHJHc1Exdkk4d1czMTRiT3JMU3BSYWhaRUlndCtofA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1534
content-length
509
expires
0
bundle.js
auth.instiengage.com/auth/ Frame 6D4E 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d000:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
108
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:04:54 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XthfHIgJ-m6itv0F1ymc3eGKXxtVCLywRqWCGhJgG3okRYpKQnS55w==
pubads_impl_2022051901.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127573
x-xss-protection
0
last-modified
Thu, 19 May 2022 08:36:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 25 May 2023 10:51:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		246 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.westernjournal.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
7db3c949b635adbb4d643393b77c0cf0f5cc12c5ea71a9d52b1d779f99d9ee70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138
x-xss-protection
0
expires
Wed, 25 May 2022 11:06:22 GMT
settings
syndication.twitter.com/ Frame 8FAA 		278 B
461 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=28802c4d907eb191d2c30b1edaa13d7b0bab5a20
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.westernjournal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
106
date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 11:06:22 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
2febeeb5f9587264cd142568e289ea079862b84fe2499937224b042c9807034d
content-length
179
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1653476782700&ns_c=UTF-8&cv=3.5&c8=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1653476782700&ns_c=UTF-8&cv=3.5&c8=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%...
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1653476782700&ns_c=UTF-8&cv=3.5&c8=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&c7=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&c9=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
jJVE_8W85M5mm4qywTNLqbpXTvXxJqwTMXn_J95DPQZ3JgSXmTZnmQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=20480112&ns__t=1653476782700&ns_c=UTF-8&cv=3.5&c8=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&c7=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&c9=
date
Wed, 25 May 2022 11:06:22 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
y7HSN_SuDiYDSpUoH4K-aSojTbkydI7Nlt8Z6RYgfUa76C0DK0nxyQ==
x-cache
Miss from cloudfront
ag.core.js
static.foxnews.com/static/orion/scripts/core/ Frame 579F 		283 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Requested by
Host: video.foxnews.com
URL: https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1390dcd6713cd7195838917a3fc08f728ef0915a5a925c8b3bb2e29a99813eed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ezrKzCBmv.6v7W2imTxp7JfCtL2UxhH5
content-encoding
gzip
etag
"c2aa5e4781689b9da5f3d13907c9922b"
x-amz-request-id
WFD4EXQJAS8WVDM2
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
92503
x-amz-id-2
5gLJoynuLm/pI0+EAP/VkNddQfjZz8kqsDictY+/cYiFOz23Qvi+CGSBk2twE7FBB4kKqKMnamQ=
last-modified
Mon, 23 May 2022 14:40:04 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:22 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
core.js
static.foxnews.com/static/isa/ Frame 579F 		541 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/core.js
Requested by
Host: video.foxnews.com
URL: https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
7837ff7ec4d79e3d73a28979862b0f5b277ffb55d97df3d7ce9549677143a0eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
h0NYzz_ZR6ytLSj2CjUj34grB3l4bECD
content-encoding
br
etag
"79325f6794f68003b646ed8f7e7f6261"
x-amz-request-id
PR2X4MM4B7689456
access-control-max-age
86400
content-length
278
x-amz-id-2
iEy5kXr3Baq9zok4xXs5LscQjbT3gU1pKOCrSU9DVoD9dpc4/fS4Ol4xI3ugxBslka8D85yqAdE=
last-modified
Thu, 05 May 2022 19:59:25 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:22 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:22 GMT
embed.js
static.foxnews.com/static/orion/scripts/core/video/ Frame 579F 		992 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/embed.js
Requested by
Host: video.foxnews.com
URL: https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
609cd529b1a107a0caf552873c476860dbe349814ea8cf77d42252ada08f1427
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
UnWVxwqSkWuDxCKgeTbDvk73xkhDo5RT
content-encoding
br
etag
"08e31f0bd9be26b29d46444cc86c7300"
x-amz-request-id
GQKG75XE0FVT2NN2
access-control-max-age
86400
content-length
505
x-amz-id-2
03UIy21MMrXay3Mcy2Kk00DfEWcfwq6FvEL05iX/Pi6LeYvvVbD/WypCKQFxUWwdRYWf8X9NTBA=
last-modified
Mon, 23 May 2022 17:02:59 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:22 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=12324
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 14:31:46 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		761 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.westernjournal.com&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
de088236d4b4043c0ae5dfb65f856b1ed6c81bcfba89513d8c38d105a0e8a416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:35:57 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
Server
age
19825
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
761
x-amz-cf-id
7vghB0Kk9_TffZZOY2ZQB9fw_3DzTi54zqsBEXrsKJjN0F8dublBiQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pid=TbbCSPiJ4iLK1&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22BB1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Article%2FWesternJournal_Article_Direct%2FWesternJournal_Article_Direct_BB1%22%7D%2C%7B%22sd%22%3A%22WP1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Article%2FWesternJournal_Article_Direct%2FWesternJournal_Article_Direct_WP1%22%7D%2C%7B%22sd%22%3A%22SB2%22%2C%22s%22%3A%5B%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Article%2FWesternJournal_Article_Direct%2FWesternJournal_Article_Direct_SB2%22%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2018001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
NQQYWYEXYZGAZVY0EJ6W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
TXU_t2x0mxZdoz9jggFzrtN6yjW6Pk5TVfXNgDvy5pcbHY8FuwMD2g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
35370
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Wed, 25 May 2022 01:16:53 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LpI4l6BL1NCj5-McafOlQebvZn32df8PoDm-ILxW9ldYtpcIauMxvA==
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1297723
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb07b3617c5d8450eb8815-00627a374f
x-amz-id-2
txb07b3617c5d8450eb8815-00627a374f
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SkTptg8pqpGW2erDHcW5AXDblAb1MIGappd346GDUpC8NuPdBYHyGHVCAfi88gcIdFqwo9kpxSo%2BTZ0oOtMhqeaj%2FdRnYkguGpqQREQI52ej4FrmpnE2efcj6aSMfpoVSIJl2vUJHfwpVCW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
710dcd243a9f6967-FRA
access-control-allow-headers
Authorization
/
geoip.insticator.com/json/ 		240 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/f7060245-2280-4168-a5a7-87f79f9d0e3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.238.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-238-249.compute-1.amazonaws.com
Software
/
Resource Hash
e59b06972fa5e7cdb4ac416c049d051fd6fbeafe1b8d80ef52e147faac27e1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
access-control-allow-credentials
true
x-database-date
Wed, 25 May 2022 02:12:41 GMT
content-length
240
vary
Origin
content-type
application/json
718596c2-8e98-4339-96be-a9e3dafd1b5b
h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h99w9l39sa.execute-api.us-east-1.amazonaws.com/prod/commonid/718596c2-8e98-4339-96be-a9e3dafd1b5b
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/f7060245-2280-4168-a5a7-87f79f9d0e3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.171.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-171-28.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:23 GMT
x-amzn-requestid
975694d2-d60d-458b-9ef7-5a1f9f92f95f
x-amz-apigw-id
SrcTYFrooAMFeSg=
x-amzn-trace-id
Root=1-628e0daf-06b1b67b5c80c6e17873f57c;Sampled=0
content-length
2
content-type
application/json
9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		324 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3000:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1bb303d2386562a7588d74570ff7f09e5899c737d88ac7a35eb4bfe35ae7308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
nMHJktMcAX1A3lsuQWR3_cZBq0Bv4RuM
content-encoding
gzip
last-modified
Fri, 13 May 2022 16:48:47 GMT
server
AmazonS3
age
26568
etag
W/"20ba3dfacbdae14f34742646f6dff588"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 03:43:34 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
59KE3gjsnYqEz38EuXQdP742YnsgCZ_rhrqmWI6w14mxt4AxAm2IOA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=26916
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Wed, 25 May 2022 18:34:58 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9023ee9607ec74dd7b47a95a43cf6fba4647e61d5a9026e02b3c63fec8ed9f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:22 GMT
Content-Encoding
gzip
Age
283
X-Cache
HIT
Connection
keep-alive
Content-Length
16934
x-amz-id-2
W9xenszCnqmPPIvkCLI9W7c1HO1KFQZF47322fatniAJyix1xOJJ0CeEWftrKC9LoQhOhJ8MBdo=
X-Served-By
cache-hhn4049-HHN
Last-Modified
Wed, 25 May 2022 10:28:23 GMT
Server
AmazonS3
X-Timer
S1653476783.859672,VS0,VE0
ETag
"0d19973ec52b8b995d2773145d4ca1c4"
x-amz-request-id
RHJ95QTYY6SZDYW8
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
10
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 May 2022 11:55:08 GMT
aax.js
c.aaxads.com/ 		542 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXBDSLO9&hst=www.westernjournal.com&ver=1.2
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
015a582703634dee0147f435b56bcfc4923402892ab5e121dd628105cab106a6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 25 May 2022 11:06:22 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Wed, 25 May 2022 11:36:22 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3ohoXHxVelhlYkYwRURlSm9EaWh5aHM0NUlQVG1tRUxuMFMxZXY3NUdndkp4aFd3VHQ2c3p5aHV2MUdSMVRaL0kzejg0L2ppbXRzZWVzakxSMUtkQUZmb1lvWko2aE1ndHFKS3ArTnNjam1PSTdzSHlIS29ObEhRNmQyM0I5OXFmNFVJMXNIRWw1TE82dE5oS3hFbjNFWGYyTVVvSng4bTRncHg3ZjRQZGlaUkRSbXl0aytSQjZoaStHQkJPWE5iVVd0eUFuREhFbDl3MmRPblNkc2dzcGR5K0poaUhNaEVLUzllZ011OHJHc1Exdkk4d1czMTRiT3JMU3BSYWhaRUlndCtofA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 25 May 2022 11:06:22 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1105
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/f7060245-2280-4168-a5a7-87f79f9d0e3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.238.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-238-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.238.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-238-249.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
3600
content-length
0
date
Wed, 25 May 2022 11:06:23 GMT
vary
Origin
1897937520432117
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1897937520432117?v=2.9.61&r=stable
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3416c3e86558ee22c377fa8021fbaf90cb6859e423c7b73182a8caecb5c83ac0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
x1R7ulP+PpWTNVcxTUYZA3zuatz9oiGArBIqxlmVeeTuVuUNyJgVNwu7GNSFWbnrS4NOc/UG3IZU1OEqrGChjw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 25 May 2022 11:06:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1653476783138
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		219 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
34a3b7e4656324ab31c51879f31cf69342eb5363c2c029a8a25dc641b8b6d281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:22 GMT
content-encoding
gzip
last-modified
Thu, 14 Apr 2022 17:06:32 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a1416-36d12-5dca050d07ebf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=87933
accept-ranges
bytes
content-type
text/javascript
content-length
70850
expires
Thu, 26 May 2022 11:31:55 GMT
rules-p-kZpd2WPpvPttS.js
rules.quantcount.com/ 		2 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-kZpd2WPpvPttS.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:33:48 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server
AmazonS3
age
1954
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
content-length
2
x-amz-cf-id
pRgIO8PHiwvzLHkpp6bHXi0vo3b8_utJeq-J87d2s6QULWvgTJiprg==
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-116.fra50.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 02:03:38 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
32564
x-amzn-requestid
df77514a-ce07-4ae7-891a-015e9b8b2564
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-628d8e7a-23c753c055c7385301f39305;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA50-C1
x-amz-apigw-id
SqMzJEiQDoEFfDQ=
content-length
30
x-amz-cf-id
4npo5LW0oZDVGPezTdwUMhmezv8wfe3qQUOERG_XWag0-eLgH0lZBQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
westernjournal.com.1280823.es6.js
jsc.mgid.com/w/e/ 		243 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/e/westernjournal.com.1280823.es6.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf8f5ca8242f65e69df8e8f68f1b25846c832f17b54e028e04ec24281ee65d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
cf-cache-status
HIT
age
6058
last-modified
Thu, 19 May 2022 10:38:39 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
S04469N5SMBF11EW
x-amz-id-2
7Afxdq935ZYh9hOmFH9BS9R3faUjpFRCTgNbQlF8e4uFSDxPmUPNcBLOpOyfL7XGYF0CPKS6vKc=
cf-bgj
minify
server
cloudflare
etag
W/"c1cd33bb1dd30397dc0817a739c99861"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
x-amz-version-id
.DQcy5Uald_29ZB250h3CSAaw9S2VjPr
cf-ray
710dcd259cf49259-FRA
expires
Wed, 25 May 2022 14:06:22 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame E191 		134 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:55:15 GMT
content-encoding
gzip
etag
W/"cc07895b7b7c30a55c948b849ccd5e56"
last-modified
Tue, 24 May 2022 19:53:02 GMT
server
AmazonS3
age
667
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront), 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C1, FRA50-C1
x-amz-cf-id
zZdf_le821KlrQ5CXYSFRR2hFRQO61RbLNyoe3ZHQ8Oi3qeeca-Z_A==
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
etag
"45cf913e5d9d3c9b2058033056d3dd23"
age
25210309
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
date
Mon, 23 May 2022 14:14:30 GMT
content-type
image/gif
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
w0wRpt-IzqmTYS0lMOntX1m3qy_a_KoTG5xFtG19QQKwU84TTDIABg==
master.js
static.foxnews.com/static/orion/scripts/core/utils/modulr/ Frame 579F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/modulr/master.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dfbbaaec8c97d04a6d789832533eba4decdabc21dd2c99a2294229a15be9bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
HvBhLCH6aOvvTyzt14SLE2OwtWQTa1ri
content-encoding
gzip
etag
"9a3b0be59798e0d674673ab365965895"
x-amz-request-id
XS0JXF6G9E3N8NGM
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
934
x-amz-id-2
hlZrkrqheX1BQ4tdcY3WzmlY4waTqoIz6/lygOdnTlkgXyZUidjl6GQYsqD2hIYdV/WA8PxseA8ghbzcQo7gYQ==
last-modified
Mon, 23 May 2022 14:40:00 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=100
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:03 GMT
loader.js
static.instiengage.com/app-loader/static/
Redirect Chain
  • https://comment.instiengage.com/live/loader/loader.js
  • https://static.instiengage.com/app-loader/static/loader.js
126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-loader/static/loader.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb2fe08323438721a24bd253e0505f00d59ccadd98835ec86354ecb532ee2b01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
MkDXpPhMUgv0w4aA0vIH2MxesT6sbkSr
content-encoding
br
last-modified
Wed, 18 May 2022 15:16:10 GMT
server
AmazonS3
age
157
etag
W/"41e2b2cab699da72d336eee915a202da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:03:58 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hmV8smfUnE79FiuDBkYImfr1ZoS3Y5MaaBhEKqPitl-WhHxdrYApOg==

Redirect headers

date
Wed, 25 May 2022 11:06:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-loader/static/loader.js
cache-control
max-age=3600
cf-ray
710dcd2658fa2397-ZRH
expires
Wed, 25 May 2022 12:06:23 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/163691/ Frame 1E7C 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 08:34:48 GMT
age
8823
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
player.css
cds.connatix.com/p/163691/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/163691/player.css
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 08:34:48 GMT
age
8823
etag
"ea2f9ede807e1b050a71617a64dba818"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8709
/
hb.emxdgt.com/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1653476783211&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.102.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-102-19.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
hb
ssc.33across.com/api/v1/ 		87 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a3f00dd1a2a1a327a70916b978d0f13c9710341497d70e8ac8203727ca886367

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a3f00dd1a2a1a327a70916b978d0f13c9710341497d70e8ac8203727ca886367

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a3f00dd1a2a1a327a70916b978d0f13c9710341497d70e8ac8203727ca886367

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a3f00dd1a2a1a327a70916b978d0f13c9710341497d70e8ac8203727ca886367

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		490 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
44dbacdca61267c79516e07f1705ebb36e1778f878d14fb3c0c71847cf15c37e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:23 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
990856f2-8750-4cb3-bc11-8f62ff9c2daa
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
490
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		636 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094%3B771342%3B771344%3B771346&size_id=15&rp_schain=1.0,1!insticator.com,7afb724c-10ef-44e8-8817-eb6f9a5668db,1,,,&rf=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&tg_i.pbadslot=westernjournal.com-div-insticator-ad-cmt-1%3Bwesternjournal.com-div-insticator-ad-cmt-2%3Bwesternjournal.com-div-insticator-ad-cmt-3%3Bwesternjournal.com-div-insticator-ad-cmt-4&tk_flint=pbjs_lite_v6.15.0&x_source.tid=be7a4052-382d-4660-98c7-d56cc009d371%3Bf50b3166-cd06-4508-8863-9cdf6686e3f6%3B59e7ef79-ac0c-4d66-a0e4-b4d08bf4a3e7%3B43b0c3c9-9519-435a-b622-b8a46917c429&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=westernjournal.com-div-insticator-ad-cmt-1%3Bwesternjournal.com-div-insticator-ad-cmt-2%3Bwesternjournal.com-div-insticator-ad-cmt-3%3Bwesternjournal.com-div-insticator-ad-cmt-4&slots=4&rand=0.8622488864770141
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d3e11d117b4e1bf26fb8b03488c62379c46c25ecae8d73279701de0fb63f2201

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:23 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
636
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a020e32827b85d1ba97161ddb9134bcbd7ebd16322fe65d27679452057d506f

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
cf-ray
710dcd28984001db-ZRH
arj
insticator-d.openx.net/w/1.0/ 		73 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cd0fba06-a002-4007-979c-ec86814154a3%2Cdbc03cd3-dcde-40ee-b72c-899e5b0c367c%2C02d6a87a-911b-41c7-924c-625dc222e873%2C0e4df57d-f571-4402-bc2f-ef88b0d26b47&nocache=1653476783221&pubcid=718596c2-8e98-4339-96be-a9e3dafd1b5b&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C215d05a3ee29c1d%2C%2C&aus=300x250%7C300x250%7C300x250%7C300x250&divids=div-insticator-ad-cmt-1%2Cdiv-insticator-ad-cmt-2%2Cdiv-insticator-ad-cmt-3%2Cdiv-insticator-ad-cmt-4&aucs=westernjournal.com-div-insticator-ad-cmt-1%2Cwesternjournal.com-div-insticator-ad-cmt-2%2Cwesternjournal.com-div-insticator-ad-cmt-3%2Cwesternjournal.com-div-insticator-ad-cmt-4&auid=545638243%2C545638243%2C545638243%2C545638243
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/1a2bd40 /
Resource Hash
688eaa3823b4b7980867392aca198c45fa64bcffb06a3ff279f366f0e66c5789

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
OXGW/1a2bd40
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		442 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1653476783222&to=0&aun=div-insticator-ad-cmt-1&gpid=westernjournal.com-div-insticator-ad-cmt-1&maxw=300&maxh=250&si=81515&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C215d05a3ee29c1d%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ns=10035
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1a8f038139aafdb6514f2fbc2281dabf4a9fd7755e346da477c2ff9faa3715ef

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		442 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1653476783223&to=0&aun=div-insticator-ad-cmt-2&gpid=westernjournal.com-div-insticator-ad-cmt-2&maxw=300&maxh=250&si=81516&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C215d05a3ee29c1d%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ns=10035
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3b01ccdac1b172c5266f557ae5601f5e600fef7bffd94c02a794b7c9903b1671

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		442 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1653476783223&to=0&aun=div-insticator-ad-cmt-3&gpid=westernjournal.com-div-insticator-ad-cmt-3&maxw=300&maxh=250&si=81517&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C215d05a3ee29c1d%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ns=10035
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cc31f3472bf312cb0d1e8e67a5d29864ac1400e83697dba0d5c7abb6a9d6895a

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		442 B
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1653476783223&to=0&aun=div-insticator-ad-cmt-4&gpid=westernjournal.com-div-insticator-ad-cmt-4&maxw=300&maxh=250&si=81518&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C215d05a3ee29c1d%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ns=10035
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b5ab30288f804ea0ac64ca243145f49feca301b0d2a8a3ca7dd3ed85bdd2e4f8

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid
ap.lijit.com/rtb/ 		94 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
fc8334fa6b3770cf65fed03981f95bdc979dc85be546abda72c6fd59df07e22a

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.westernjournal.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ 		0
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
209
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/213163/0/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213163/0/mvo?z=1r&hbv=6.15,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ 		158 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2257fc2a37b5bf29d%22%3A%22c2e260cfe351e337fda0%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-1%22%2C%2258f748c944ded4e%22%3A%22ed20059b2775a9921552%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-2%22%2C%2259d6dbc3bb72718%22%3A%22af6f1db0bef4da9f6f7f%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-3%22%2C%226031acb0207f544%22%3A%22aa7d27ad7bdb63242ebd%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-4%22%7D&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&s=2fc7bcbb-692a-468f-b092-9f0e060bb54d&pv=a2106a32-bf6e-42d8-b28a-c8e952b2dd27&vp=desktop&lib_name=prebid&lib_v=6.15.0&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%227afb724c-10ef-44e8-8817-eb6f9a5668db%22%2C%22hp%22%3A1%2C%22rid%22%3A%22215d05a3ee29c1d%22%7D%5D%7D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
90351973fcc85abfc1ccf1a58411ed5721478be4c3f954a5e5bdfa716b5a87fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
183
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
insticator
insticator.technoratimedia.com/openrtb/bids/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.15.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
964610004
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
geo.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 579F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/geo.js?cb=1653476783234
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a181be9c7290ea6dc53f4d7c450519c5928b0aa685bcd30436dc5bcf1713f977
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000 ; preload
content-encoding
gzip
etag
"8918d114d202696949d555c7175a715e"
x-foxnews-time
1653476783
x-amz-request-id
18BDKQT66F9BCCYB
x-foxnews-geo
countryCode=DE ; regionCode=HE ; dmaCode=false ; zipRange=false ; continent=EU
vary
Accept-Encoding
content-length
1147
x-amz-id-2
E8H2n5p7lg9jsG1DJojYnQa0ZGh4QoyB2dONMb2agjsc7H5/U5cESQ4Fq9eO0kOmF4cyD03Qbf8=
timing-allow-origin
*
server
AmazonS3
date
Wed, 25 May 2022 11:06:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET, GET,POST
x-amz-version-id
hYOFt.evz5ScKQxkhjRWV_TosZ5swwKQ
access-control-allow-origin
*, *
access-control-expose-headers
x-foxnews-geo, x-foxnews-time
cache-control
max-age=33
access-control-allow-credentials
false
content-type
application/x-javascript
access-control-allow-headers
x-foxnews-geo, x-foxnews-time, *
expires
Wed, 25 May 2022 11:06:56 GMT
core-app.js
static.foxnews.com/static/isa/ Frame 579F 		218 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/core-app.js?v=v145
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9e61f672ed52a7160304b809cb2f04be4bcdb5f18039daaa1f48a8b224475bd4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
5jHUIeg4kysxzaRkUbDZPCEjP0_jScPE
content-encoding
br
etag
"9cb2dfce465d38d78e5dd11b91e645bd"
x-amz-request-id
2RW5D3W2BFCPY4JH
access-control-max-age
86400
content-length
61586
x-amz-id-2
keTxlQG7APa0pwqvmCIpkTp7rIFZT7BwC3ExcBFO7Jyf+cCg28ojunNiqGuMHcTy8Ddxf9Ae8Xo=
last-modified
Thu, 05 May 2022 19:49:28 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:23 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:23 GMT
token
eua.instiengage.com/v1/auth/ Frame 6D4E 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash
9c6d61841eb52ea462c92c3d06218874543ef119ccb7e3b43c93e84f0ad9c02e

Request headers

Referer
https://auth.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Wed, 25 May 2022 11:06:23 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
710dcd278be10229-ZRH
content-length
0
date
Wed, 25 May 2022 11:06:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin, Access-Control-Request-Headers
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.15.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.westernjournal.com
age
0
date
Wed, 25 May 2022 11:06:23 GMT
server
nginx
via
1.1 varnish
x-varnish
972793375
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Wed, 25 May 2022 11:06:23 GMT
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		75 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1354760339844&correlator=110872183379286&eid=31067485%2C31060889&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=101957818%3A22550773714%2CWesternJournal%2CWesternJournal_Article%2CWesternJournal_Article_Direct%2CWesternJournal_Article_Direct_BB1%2CWesternJournal_Article_Direct_WP1%2CWesternJournal_Article_Direct_SB2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=970x250%7C970x90%7C728x90%2C1x1%2C300x250%7C1x1&ifi=1&adks=1409352590%2C842552181%2C2671899693&sfv=1-0-38&ecs=20220525&fsapi=false&prev_scp=ad_h%3D11%26amznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.07%26hb_adid_rubicon%3D22f346476696235%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.07%26hb_adid%3D22f346476696235%26hb_bidder%3Drubicon%7Cad_h%3D11%26amznbid%3D2%26amznp%3D2%7Cad_h%3D11%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D23e546aea4530d5%26hb_bidder_appnexus%3Dappnexus%26hb_format_rubicon%3Dbanner%26hb_source_rubicon%3Dclient%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.07%26hb_adid_rubicon%3D21a76a0a5c13388%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.07%26hb_adid%3D21a76a0a5c13388%26hb_bidder%3Drubicon&eri=1&cust_params=ADRIZER_DEST%3D2517a12224b6bbf04bf59fd26afb095e%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dbusiness%2520and%2520money%252CCalifornia%252Ccrime%252Cinner%2520city%2520crime%252Cmoney%252Ctheft%252CUS%2520news%26Category%3DNews%26URL%3D%252Frobber-ends-thrown-window-2-others-flee%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1653476783281&lmt=1653476781&dlt=1653476782038&idt=1014&biw=1600&bih=1200&adxs=315%2C-12245933%2C1066&adys=310%2C-12245933%2C1316&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1168x268%7C64x19%7C336x18&msz=970x-1%7C0x-1%7C336x0&fws=0%2C128%2C0&ohw=0%2C0%2C0&ga_vid=1784532977.1653476782&ga_sid=1653476783&ga_hid=366568556&ga_fc=true&btvi=0%7C-1%7C1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
57cdb00e25a93bb85f6abdedfd0d040d7d9758c2ad9b40a8eceedca009468891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21648
x-xss-protection
0
google-lineitem-id
-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1138 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:23 GMT
expires
Thu, 25 May 2023 11:06:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54260989-7&cid=1784532977.1653476782&jid=444023503&gjid=153632182&_gid=994590483.1653476783&_u=aCDAiUAjBAAAAE~&z=1660358627
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 May 2022 11:06:23 GMT
content-type
text/plain
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=366568556&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&ul=en-us&de=UTF-8&dt=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiUAjB~&jid=444023503&gjid=153632182&cid=1784532977.1653476782&tid=UA-54260989-7&_gid=994590483.1653476783&gtm=2wg5n0K3K9VP&cd1=http%3A%2F%2Fwww.westernjournal.com&cd2=business%20and%20money&cd3=600&cd4=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&cd5=ajose&cd6=News&cd7=2022-05-24&cd10=Josh%20Manning&cd11=Josh%20Manning&cd12=Lorri%20Wickenhauser&cd14=business%20and%20money%2C%20California%2C%20crime%2C%20inner%20city%20crime%2C%20money%2C%20theft%2C%20US%20news&cd15=News&cd16=web&cd17=Josh%20Manning&cd23=20&cd24=110&cd25=57&cd29=0&cd33=2022-05-25T11%3A06%3A22.339%2B00%3A00&cd34=1653476782339.2ly10xr3&cd37=false&cd38=&cd39=&cd40=Video%3A%20Fierce%20Family%20Throws%20Robber%20Into%20Window%20as%20Their%20Mom%20and%20Pop%20Store%20Comes%20Under%20Attack%20in%20California&cd41=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&cd42=3026586&cd43=standard&cd44=106&cd45=110&cd46=true&cd47=above_article&z=76146875
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:25:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56467
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205230936/ 		193 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205230936/wrap.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cbfbb0da199fb4d9cc80e193b02480a6e5ef62577eefb68861c74a7909ccc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
92
X-Cache
HIT
Connection
keep-alive
Content-Length
62981
x-amz-id-2
lFtKkHsznam6/goTb0wWE7Ff0cduDm4DzMVNS94UGncmN2pWXf9gb2AqagMdb42qH/xbBmuEg1A=
X-Served-By
cache-hhn4049-HHN
Last-Modified
Mon, 23 May 2022 13:39:21 GMT
Server
AmazonS3
X-Timer
S1653476783.318402,VS0,VE0
ETag
"dae5d5341f33d20029125de4e4f7add8"
x-amz-request-id
72SFP41QFYFBTGKK
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
399
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-60.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
EGQWlQ.lK.8OAVRMOQEmijL6oEDuzu3E
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 10:50:53 GMT
server
AmazonS3
age
36947
etag
W/"25bd9a6d37c4f9fe771763986ea8b6cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 25 May 2022 00:50:36 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HcCIzge3HrkYlLG4l-mnEwLScxXnOtaB9WWRqGgzAWC0D_pJWloofw==
pixel;r=1308041575;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F;uh=2b2e810c2650318a...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1308041575;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F;uh=2b2e810c2650318ae57ec03ce144a48b3c391eec5f4ba97535f7b2f3fafd1234;uht=0;fpan=1;fpa=P0-2020592933-1653476783323;pbc=718596c2-8e98-4339-96be-a9e3dafd1b5b;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=westernjournal.com;je=0;sr=1600x1200x24;dst=0;et=1653476783323;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Video%3A%20Fierce%20Family%20Throws%20Robber%20Into%20Window%20as%20Their%20Mom%20and%20Pop%20Store%20Comes%20%2Cdescription.%22We%20just%20really%20hope%20that%20police%20are%20able%20to%20be%20funded%20more%20so%20%252E%252E%252E%20they%20can%20stop%2Curl.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Frobber-ends-thrown-window-2-others-flee-mom-pop-s%2Csite_name.The%20Western%20Journal%2Cimage.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Fwp-content%2Fuploads%2F2022%2F05%2FJewelry-Store-Robbery%252E%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pxusr.gif
c.aaxads.com/ 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=987619
accept-ranges
bytes
content-length
43
expires
Sun, 05 Jun 2022 21:26:42 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=1010984
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 06 Jun 2022 03:56:07 GMT
pls
capi.connatix.com/core/ Frame 1E7C 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6658f4aef05836b69ee100eb23700e2e03117774706b694b6a296f1129c71882

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
7830
/
trends.revcontent.com/api/demand/ 		52 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=110580
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.108.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-108-222.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.108.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-108-222.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
horizon_tweet.c9df2d9b929da727d1e2e137e0482378.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.c9df2d9b929da727d1e2e137e0482378.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9D) /
Resource Hash
8993847fc5ab8598921a6022687d68c0efd65ba5e26f8b970ad2b83466edce8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
62254
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
2476
x-tw-cdn
VZ
Last-Modified
Sun, 15 May 2022 20:03:31 GMT
Server
ECS (amb/6B9D)
Etag
"550f8d645a77f0ab50d361c5088aa0cf+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
ag.app.js
static.foxnews.com/static/orion/scripts/core/components/ Frame 579F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/components/ag.app.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74b3510b4315f2f3218db3084cd5896dc3adbf1fa4d0db4e5a6bb6705e2743f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
_jxtc1UdqpJpggyqAGPBXlz2NAJUYWyi
content-encoding
gzip
etag
"f56e092ab76eb96a929b28dd25165302"
x-amz-request-id
KF736678NEP0D717
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
9240
x-amz-id-2
MJNCztyBRE5iVgv9HfABkIgGVSXGXYE9TKMnTavDnljR6qKlg9lGfefKBObu9+O7h+trNInhuY4=
last-modified
Mon, 23 May 2022 14:40:04 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=133
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:36 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame E191 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.westernjournal.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
ce11084a8ef0ecd25054eeca104c73441c66e8fc09c1bbc4b61bd8f1457f83d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:55:32 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
Server
age
18650
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
2692
x-amz-cf-id
NzxSyCygoeV_8k-KY4jcHb2drZZH7atIS34_4lqzDbc1JILcsfCQAA==
bid
c.amazon-adsystem.com/e/dtb/ Frame E191 		64 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pid=Yq7IKwBNeFS6U&cb=0&ws=0x0&v=7.75.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-cmt-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_3%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_4%22%7D%5D&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22tcfv2-error%22%2C%22cmpTimeout%22%3A1000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
0PBEV4DH9J6A462YNR8S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
O6oeW0NZ40oU3Fc9QE0AK36z2coBUmGQe2aZNqxZDfTDMA9nxjY5vg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E191 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
35371
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Wed, 25 May 2022 01:16:53 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
p3PWgf-udx_T0N_ZKc6PPsNhzl8EL4gbTGgA2UR-8WOR7ZWjASkO6Q==
d3d3Lndlc3Rlcm5qb3VybmFsLmNvbQ==
static.solutionshindsight.net/assets/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/d3d3Lndlc3Rlcm5qb3VybmFsLmNvbQ==
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae0c46f3225071421afccf843d9475422cf405668c69fb3e4e40ff57ae9e165f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"c6eb99750ab491fc86f7474c9110a3c3"
age
83
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 20 May 2022 04:51:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:23 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
eBcpgWkbIwtueCtWhBWP02PWqy5VWGfiW7pvW0kIP4Lg7DkpoPajHg==
prebid_OaEAJP.js
b2cdn.automatad.com/js/ 		246 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/js/prebid_OaEAJP.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
862c9e3fe674d312ba141089b4e8adc455ba2f60f52436c3ad1a709481e8ce65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
x-openstack-request-id
tx1f03c94651314f07ab170-006267c489
cdn-edgestorageid
887
access-control-allow-origin
*
x-iplb-instance
28796
cdn-cachedat
04/26/2022 10:09:43
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx1f03c94651314f07ab170-006267c489
server
BunnyCDN-CZ1-887
x-timestamp
1648037717.36990
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Wed, 23 Mar 2022 12:15:18 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-iplb-request-id
B95D01F3:6891_8E2CE366:01BB_6267C489_5EE43F6:2E967
vary
Accept-Encoding
x-object-meta-mtime
1648037653.553303803
cdn-cache
HIT
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
c42389157e5cc3789f8bd19dbc4960b1
content-type
application/javascript
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
currency.json
b2cdn.automatad.com/json/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/json/currency.json
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/OaEAJP/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
6f4a40d05f513289ed506248e6f7f65561ea2f8424899a218701fee810c62941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
x-openstack-request-id
txa508cfc756ba47ffad16b-00628d8988
cdn-edgestorageid
887
access-control-allow-origin
*
x-iplb-instance
28796
cdn-cachedat
05/25/2022 02:09:22
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
txa508cfc756ba47ffad16b-00628d8988
server
BunnyCDN-CZ1-887
x-timestamp
1653442838.11649
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Wed, 25 May 2022 01:40:39 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-iplb-request-id
B95D01F3:996D_8E2CE366:01BB_628D8987_11F28748:2E968
vary
Accept-Encoding
x-object-meta-mtime
1653442801.966819916
cdn-cache
HIT
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=10800
cdn-requestid
0f5e9d88c41a6fd8819354209993a684
content-type
application/json
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1897937520432117&ev=PageView&dl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&rl=&if=false&ts=1653476783428&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653476783428.1162117146&it=1653476782891&coo=false&rqm=GET
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 25 May 2022 11:06:23 GMT
/
www.facebook.com/tr/ 		44 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1897937520432117&ev=ViewContent&dl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&rl=&if=false&ts=1653476783430&cd[content_name]=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&cd[content_tag]=%5B%22business%20and%20money%2C%20California%2C%20crime%2C%20inner%20city%20crime%2C%20money%2C%20theft%2C%20US%20news%22%5D&cd[content_category]=%5B%22News%22%5D&cd[articleReactions]=%5B%22undefined%22%5D&cd[articleVirtues]=%5B%22undefined%22%5D&cd[siteName]=http%3A%2F%2Fwww.westernjournal.com&cd[wordCount]=600&cd[articleTitle]=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&cd[articleSocialTitle]=Video%3A%20Fierce%20Family%20Throws%20Robber%20Into%20Window%20as%20Their%20Mom%20and%20Pop%20Store%20Comes%20Under%20Attack%20in%20California&cd[articleSEOTitle]=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&cd[articleChooser]=Josh%20Manning&cd[articleTitler]=Josh%20Manning&cd[articleTitleLength]=110&cd[articleSocialTitleLength]=106&cd[articleSEOTitleLength]=110&cd[articleAuthor]=ajose&cd[articleEditor]=Lorri%20Wickenhauser&cd[articleShareTextAuthor]=Josh%20Manning&cd[articleShareTextLength]=57&cd[articlePublishDate]=2022-05-24&cd[paragraphCount]=20&cd[articleID]=3026586&cd[articleFormat]=standard&cd[platform]=web&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653476783428.1162117146&it=1653476782891&coo=false&rqm=GET
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 25 May 2022 11:06:23 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54260989-7&cid=1784532977.1653476782&jid=444023503&_u=aCDAiUAjBAAAAE~&z=1494429797
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54260989-7&cid=1784532977.1653476782&jid=444023503&_u=aCDAiUAjBAAAAE~&z=1494429797
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aax.js
c.aaxads.com/ Frame E191 		540 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXBDSLO9&hst=&ver=1.2
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
532da24c7bad7bcdde437a34f03a4866059925aeefac6908a2043edeef21df9c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 25 May 2022 11:06:23 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Wed, 25 May 2022 11:36:23 GMT
ats.js
ats.rlcdn.com/ Frame E191 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-16.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
81360
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Tue, 24 May 2022 12:30:24 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
QMw2Ev0V33T5weq3ksGM0jIjTJLmZWRa0cD3vuMvwZMO6FiOhgPGjg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame E191 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Wed, 25 May 2022 11:21:23 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame E191 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c84ec5e2aa9784303ce0e56edeb3379fdc67bd2eee5bdd86fa71fca694c91d54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
2551
X-Cache
HIT
Connection
keep-alive
Content-Length
13596
x-amz-id-2
ke/KuLj5zwweyjIeRVfoU+ebmlK8IcooI8fTUjxi6G+Mx2F/2atD18DJDs7k2Wlpi6JSqfpwQ9s=
X-Served-By
cache-hhn4049-HHN
Last-Modified
Wed, 25 May 2022 08:57:25 GMT
Server
AmazonS3
X-Timer
S1653476783.482536,VS0,VE0
ETag
"134fef26208464fa88b317971375b1c7"
x-amz-request-id
GDREMHZSG72YKVF5
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
101
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame E191 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:16:55 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
663591362
sizzle.min.js
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/OaEAJP/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
576361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6679
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd4-4dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUL83SYgoIhrI2TxRbD5Ygb6WphBYRLJElHr5ZCQFT94JtCEn5wiEPJt%2BNh467iG8B86CxX%2F%2F3ZkRgKGaNpqF0IOYfXdXUQ58FgklbzE3Um0Io7cz0c64N2K5kC6uTjZmYUlWr3hFwuO0wWTkfTCI5Z%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
710dcd292d4a0211-ZRH
expires
Mon, 15 May 2023 11:06:23 GMT
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAXBDSLO9&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=westernjournal.com&vhuyqdph=ssp-serving-c968f5d8f-wtnfd&vyu=051810_374_052311_344_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001653476783354032397757443665&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=178&fhqg=28&hqg=72&gvwduw=30&fvwduw=28&vwduw=28&uhtxuo=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&nzui=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:23 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 25 May 2022 11:06:23 GMT
VisitorAPI.js
static.foxnews.com/static/isa/app/lib/ Frame 579F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/app/lib/VisitorAPI.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core-app.js?v=v145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
31b8841f45f209e9353685457600eec05a1657e89641cd8e9d9e483a357ff26c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
_elf7sjXAro53.VPjRxjPx9Vy6qv01_i
content-encoding
br
etag
"e02617aa3838429966fbc55082ee788a"
x-amz-request-id
6EVTH5NJCCQF612K
access-control-max-age
86400
content-length
8322
x-amz-id-2
wVWT0iM2Hxt89ndeKB8mb02B06uczFlvO5E67eQ80QiORqqpo08wYXaXf4xQa+bpUstioTSChwc=
last-modified
Thu, 05 May 2022 19:56:37 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:23 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:23 GMT
omtr_code.js
static.foxnews.com/static/isa/app/lib/ Frame 579F 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/app/lib/omtr_code.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core-app.js?v=v145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
51231af79e3740fe49b116d4cef74cdfe64aa23911dbe2c35d8f63f7f73e0be6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
pghHXC3nr8vYSrnT2hgiOav861C.XGDV
content-encoding
br
etag
"36347f0628c09d466fcd3f98d81be54f"
x-amz-request-id
6EVNAZ9FXF65243T
access-control-max-age
86400
content-length
22585
x-amz-id-2
iRIlD9mGbptOdqEzhGZUpVAUGnfvHxrIaKuNRzMZODn/z91UrR+ZOl7DO+SfArXTyuBIsvqPkdg=
last-modified
Thu, 05 May 2022 20:55:05 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:23 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:23 GMT
core.js
static.foxnews.com/static/leap/ Frame 579F 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/core.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core-app.js?v=v145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
2fdb53df4e402567f5003ae3b5f30885f26c1702849e6f813f531de975dc0180
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
5t81yAbLyTjf6Eauw7hemr08NroCBQMT
content-encoding
br
etag
"a1326af5422a25227eaecbf6562aef5a"
x-amz-request-id
N2TF61RN799D0DD5
access-control-max-age
86400
content-length
18797
x-amz-id-2
hCIZt00sXsAVcakqOSkOdMEjb8SP8ZWt27VKVYOFfXvVZxXYP5vWHhB57y8/Z4yfhN7WyNavUjc=
last-modified
Mon, 09 May 2022 16:19:53 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:23 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=277897
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 16:18:00 GMT
cache.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 579F 		229 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/cache.js?cb=202252511630
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54c284f86836501aa243b5bd578df6ca8f05bc65fae0210f249189989adef22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Jw6KdIK0BMYZt.VhkOiPfG__MnuSh0az
content-encoding
gzip
etag
"c39602c17fda3dbafb7e9762b2e5e4f8"
x-amz-request-id
18BDP5GKJ3G669QZ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
186
x-amz-id-2
4acmaaZZeRL1ZrVWmEakue3cgeHP5LcKcplbbH0wCbZ1pDkd2C/lMBnlAIH71uYGS/VnAjncruY=
last-modified
Mon, 23 May 2022 14:39:59 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=91
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:07:54 GMT
CV6U8-U7UEK-2PJG8-KJALW-TEX3Y
s.go-mpulse.net/boomerang/ Frame 2B6B 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/CV6U8-U7UEK-2PJG8-KJALW-TEX3Y
Requested by
Host: video.foxnews.com
URL: https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
last-modified
Tue, 18 Jan 2022 14:05:28 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
insights.bin
ins.connatix.com/788973d1-c859-46c7-b423-1617e55cca14/3/ Frame 1E7C 		173 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/788973d1-c859-46c7-b423-1617e55cca14/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a005359cd3fe7e4cdad88e725b464fc499b5edab12532c3732b51cedd137e66e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 21:25:41 GMT
age
49144
etag
"172fecaf6860041f4abf2898f587db6a"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
156
insights.bin
ins.connatix.com/fca68d3a-17c4-4935-966d-c530ec298e30/3/ Frame 1E7C 		236 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/fca68d3a-17c4-4935-966d-c530ec298e30/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2554157c56a548594be0c185bb175e55d1833474221aa7c3b0d44fed2bf9027

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 01:05:36 GMT
age
10544
etag
"742322e0c77c68730d752f9679bf4760"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
184
insights.bin
ins.connatix.com/ca347bf0-ad69-4b8c-a221-33512c628717/4/ Frame 1E7C 		209 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/ca347bf0-ad69-4b8c-a221-33512c628717/4/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd435703ebe3b096a5ccd9f00b349e94765945fafcbef21dfee57577aa1abe49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 23:16:43 GMT
age
35567
etag
"b414b87c26c85edfbfcb2500ccba7bf8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
176
insights.bin
ins.connatix.com/88b171f4-2a0c-49d3-9c9f-7ddd7b785f9c/3/ Frame 1E7C 		83 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/88b171f4-2a0c-49d3-9c9f-7ddd7b785f9c/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c7874efa20417987a537851b559c58d8490a4cb3079d8bb92333672ab40cb7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 23:05:08 GMT
age
35568
etag
"0364237bc58d7382d2e785385f1d4fab"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
92
insights.bin
ins.connatix.com/718dc16c-85e1-45e6-bbb8-3ebe7141f9a8/3/ Frame 1E7C 		281 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/718dc16c-85e1-45e6-bbb8-3ebe7141f9a8/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62800ccdbac18a0811f3ab41eafccfba4b46b1ee2a4c39e14d60d7b508014105

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 21:00:03 GMT
age
48849
etag
"590dcb08d38ed2efb591aa32cdf6c7af"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
216
insights.bin
ins.connatix.com/adedc4f5-3cbe-4055-913d-12a88d13f9f8/3/ Frame 1E7C 		164 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/adedc4f5-3cbe-4055-913d-12a88d13f9f8/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2eaa5b6616bf2c7233c3e82961a03defbef0207f35285b195b26e90f46242506

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 18:09:24 GMT
age
53742
etag
"4a8f2288a1bc33b4e31753b06e3c7661"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
147
insights.bin
ins.connatix.com/1ad28bf7-3041-4e80-adc8-12370cad7d0e/3/ Frame 1E7C 		101 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/1ad28bf7-3041-4e80-adc8-12370cad7d0e/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87ecdaf28a0e9098a1bef87df9abb1c1324d1f81baa7b4a6ef7a608d2c7b8ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 17:47:25 GMT
age
60579
etag
"a7446b9d2c8c869b9bc84c117f713698"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
113
insights.bin
ins.connatix.com/75babd88-9cd6-4eb4-8033-7fa2f50f1164/3/ Frame 1E7C 		101 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/75babd88-9cd6-4eb4-8033-7fa2f50f1164/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e536a58c0be3a8f3982ff9dab8b014f48458b9a41757619207be685f0125e4c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 17:47:04 GMT
age
61483
etag
"c34dc12533b21e35d011272ac12548b1"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
116
insights.bin
ins.connatix.com/fb8dd885-6988-4b3c-bd57-839e7fc37a88/3/ Frame 1E7C 		101 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/fb8dd885-6988-4b3c-bd57-839e7fc37a88/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64258efa2519147855e507870ae1bf845fec24cc98767fa08652c541744c4f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 01:30:04 GMT
age
118215
etag
"dc39d6ecd707c17af6dfaffc6f61a6ab"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
115
insights.bin
ins.connatix.com/84617c22-b981-41f9-bb51-da9bfa1681b2/4/ Frame 1E7C 		173 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/84617c22-b981-41f9-bb51-da9bfa1681b2/4/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b04942d2dc530880303356e29c1849438b007313759ae4d0dbb39fca3005ec35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 23:30:11 GMT
age
123812
etag
"54fac14ca06a8dbbcb95477cdadd4cff"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
159
blockedDomains_1.bin
lit.connatix.com/08d84f88-5c3f-4c74-8e09-824cb4460927/ Frame 1E7C 		65 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d84f88-5c3f-4c74-8e09-824cb4460927/blockedDomains_1.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66209bec2d6a6e5ff98435e03508825e6e50015917ac83302f4b438603d33476

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 13:25:12 GMT
age
1316164
etag
"937b87fd949773c9532513ce0a503579"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
62
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
88d775a95cd0d49c6c4e5c3d7d1b442bd055e01cc38504b4b793a6e46890b21d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28684
x-xss-protection
0
server
sffe
etag
"1225 / 538 of 1000 / last-modified: 1653474567"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 May 2022 11:06:23 GMT
3_media.bin
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		448 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/3_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f327e8e028da55ad4df0d30795f565a5929c85f1a5a4e4a53f3b1187c696d88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 21:25:41 GMT
age
41905
etag
"e84e16bb0c6887e1deaff2ac0a96c78f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
381
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1E7C 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Wed, 25 May 2022 11:06:23 GMT
2.png
img.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/360e998e-de7b-4e4c-a145-dc1919ba2590/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/360e998e-de7b-4e4c-a145-dc1919ba2590/2.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06cec1f5d6ddbd571ebcea93c0d7b118b301b5a90d0dd01cc0fc3ddfcc7c5463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
age
1913162
etag
"DjjaypRQtq3FFoV9W7rtBdyELLrNsBOHtvpNCL6Idsc"
access-control-max-age
86400
fastly-io-info
ifsz=19885 idim=478x478 ifmt=png ofsz=8402 odim=478x478 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
7935
/
onetag-geo.s-onetag.com/ 		555 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:26:42 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
9581
x-amzn-requestid
3880673c-0594-4374-965f-7d3f4d7c8544
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6, FRA50-C1
x-amz-apigw-id
SrE6ZFMBCYcFheQ=
content-length
555
x-amz-cf-id
KHBlWiYNyeLmDkt-0RmNubcEvhV-uTGARJwS-5Lg211rfBf29T64tQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-101.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
uiJ1YCXqTfg4YsRV.iQoQhQ_4iTW1U6K
content-encoding
gzip
etag
W/"af8244025b2d978df209bf028c458664"
last-modified
Mon, 04 Apr 2022 13:02:16 GMT
server
AmazonS3
age
25987
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 25 May 2022 03:53:17 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4uF5Il6lW_JzPBcAYfOAda6Pw40qB-0D2qFuhx0DO4jG4kd5nW5KeQ==
ag.app.js
static.foxnews.com/static/orion/scripts/core/templates/ Frame 579F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/templates/ag.app.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daeb7eb5e28b2e9fa737f3b056309aadb697d3643bc45dfacce761ec79a5212e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
x7bj9AGBznA.xGPzrh6hQEZLZf0karqE
content-encoding
gzip
etag
"5e5b3c2744e928d1ed49301bbfad8045"
x-amz-request-id
XS0T5HVWXGV44DG7
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
1682
x-amz-id-2
BE8dWodJ9LUx5FeUOUXc4j8kFckxXj9y0OSmP663LtYt+DN0lSLb6FUjgjCwSFaQBTE8Q0O8s1A=
last-modified
Mon, 23 May 2022 14:40:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:23 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=189
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:09:32 GMT
_bulk
api.solutionshindsight.net/v2/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 25 May 2022 11:06:23 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-apigw-id
SrcTfHZTIAMF_Zg=
x-amz-cf-id
NAsN9B-_RByAxZVLNjdAcu7qSbJDyIM-psAmZ_gn5iuPbnHE8xjVZg==
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
5fbcd5d9-b95a-48e0-8129-ca971734b634
x-cache
Miss from cloudfront
wp-banners.js
static.solutionshindsight.net/teju-webclient/ 		264 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 19:38:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"ad589d6b82b30323a8ed3150b72defbe"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
KmQB8A69q3QwZFMy_wReuzScHIMKLEk5zQGDyqONziqEZCjHiQRXaw==
_bulk
api.solutionshindsight.net/v2/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.solutionshindsight.net/v2/events/_bulk
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-76.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
07030ef0-c2ce-4de5-b418-21a1fe63d624
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-628e0db0-1e29724948d9c8997b961e98
x-amz-apigw-id
SrcTiF8ooAMFmYA=
content-length
0
x-amz-cf-id
DBGPo-l1T9GSFJDIrQTRi4IpCvq55Jnxzn5QYpkjK_FRWF6dxXJc0Q==
getContentIdByUrl
comment.instiengage.com/live/comments/api/comments/ 		79 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/comments/api/comments/getContentIdByUrl?integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&extPageId=3026586&imageUrl=https://www.westernjournal.com/wp-content/uploads/2022/05/Jewelry-Store-Robbery.jpg
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dbff50f7523121a306802523d3dbdcec6884e12a73780388f0313233e098f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
requestid
139b9b88-ae51-4eec-b209-8ac077f08e98
vary
Origin, Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
710dcd2a1e9e0211-ZRH
Tweet.html
platform.twitter.com/embed/ Frame 0B38 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B87) /
Resource Hash
0d94c6ca41ca0297b5db7bf3e86df8e667dfaaa28306512ee47f5321cbdfccfb

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
262
Cache-Control
public, max-age=1800
Content-Length
487
Content-Type
text/html; charset=utf-8
Date
Wed, 25 May 2022 11:06:23 GMT
Etag
"daa30c749e20d524c6e1f91172936966"
Last-Modified
Tue, 24 May 2022 17:45:23 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B87)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
jot
syndication.twitter.com/i/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_tweet_result_migration_13979%22%2C%22bucket%22%3A%22tweet_result%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221528858595269709826%22%5D%2C%22item_details%22%3A%7B%221528858595269709826%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653476783714%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_tweet_result_migration_13979%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=28802c4d907eb191d2c30b1edaa13d7b0bab5a20
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Wed, 25 May 2022 11:06:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2febeeb5f9587264cd142568e289ea079862b84fe2499937224b042c9807034d
x-transaction
3729a90363611d43
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
trends.revcontent.com/api/delivery/ 		16 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=110580&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&icr_url=&va=0&time=1653476783737&up=pc&bn=chrome&bv=101&widget_width=336&style_id=0&idhub[pubcid]=718596c2-8e98-4339-96be-a9e3dafd1b5b
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.108.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-108-222.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
ee9f8931bc4c10cfa932c454a933726cdff32ad5c18a2f31c5e8c38bd2222f64
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
7090
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205230936/ Frame E191 		193 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205230936/wrap.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cbfbb0da199fb4d9cc80e193b02480a6e5ef62577eefb68861c74a7909ccc2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
92
X-Cache
HIT
Connection
keep-alive
Content-Length
62981
x-amz-id-2
lFtKkHsznam6/goTb0wWE7Ff0cduDm4DzMVNS94UGncmN2pWXf9gb2AqagMdb42qH/xbBmuEg1A=
X-Served-By
cache-hhn4049-HHN
Last-Modified
Mon, 23 May 2022 13:39:21 GMT
Server
AmazonS3
X-Timer
S1653476784.744238,VS0,VE0
ETag
"dae5d5341f33d20029125de4e4f7add8"
x-amz-request-id
72SFP41QFYFBTGKK
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
401
369.json
id5-sync.com/g/v2/ Frame E191 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
f5c67c01b05d541f5778500ab3ae4fd788ca4b239e83fa664fd6d0d5d9cae794
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:23 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/163691/ Frame 1E7C 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 08:34:48 GMT
age
8824
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
pxusr.gif
c.aaxads.com/ Frame E191 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXBDSLO9&hst=&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=987619
accept-ranges
bytes
content-length
43
expires
Sun, 05 Jun 2022 21:26:42 GMT
pxext.gif
www.aaxdetect.com/ Frame E191 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXBDSLO9&hst=&ver=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=1010984
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 06 Jun 2022 03:56:07 GMT
embed.runtime.ca69338794d6f082726f.js
platform.twitter.com/embed/ Frame 0B38 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC4) /
Resource Hash
93ecbab5e299010bc35d9f6fc053bda0cb49c4ddc17c94580dfbb363026e9ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
62254
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
4257
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6BC4)
Etag
"9a4282b6993f670bbb457a4485547b39+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.f34a0f34273ac52f3e51.js
platform.twitter.com/embed/ Frame 0B38 		512 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.f34a0f34273ac52f3e51.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC2) /
Resource Hash
5e794d4a1df5f1c1035c15d1f24e115f9fdab9be376f12754239b981f61bf887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
62254
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
171249
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:18 GMT
Server
ECS (amb/6BC2)
Etag
"7490e7a386def1875edc794009edc560+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.58f3645101e687f24f08.js
platform.twitter.com/embed/ Frame 0B38 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.58f3645101e687f24f08.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B95) /
Resource Hash
52c19e156be623c2b03edbf619561b9ce54fef7186e33dc7152bb17b7cc2f1ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
62254
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
794
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6B95)
Etag
"cfb405c70f2f1c1a003ec96fa540cf30+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.5873ce9d0c70658e7ccd.js
platform.twitter.com/embed/ Frame 0B38 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.5873ce9d0c70658e7ccd.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA2) /
Resource Hash
5dda812a740330e433a068a9b9f612408b59fae77134374987757b9e01d7d3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:23 GMT
Content-Encoding
gzip
Age
62254
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
5581
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6BA2)
Etag
"06fc44d10c052bb020a21c64eb4eae5f+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
container.html
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7624 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:23 GMT
expires
Thu, 25 May 2023 11:06:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 25 May 2022 11:06:24 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 364D 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
backfillad
dashboard.insticator.com/embeds/ Frame 5107 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 5107 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame C08B 		1 KB
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
bc289123775a6c62fbe4fad0e619f6a2090ece2b82bf7bc43ee4674aedf06980

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
705
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:24 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame 8FA8 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 8FA8 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 3FE2 		1 KB
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
bc289123775a6c62fbe4fad0e619f6a2090ece2b82bf7bc43ee4674aedf06980

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
705
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:24 GMT
vary
Accept-Encoding
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1653476784026&site_uuid=9af198ff-22cf-4d4b-80d5-b58d0f23e539&hostname=www.westernjournal.com&ad_unit=westernjournal.com_Web_300x250_cmt_2&impression_type=il&device=desktop&country_code=DE
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ca00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 03:12:56 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
28423
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
dq2smjt-jIyg2evJMjoxWagDGZRMSFGVv7tBpJ9qg-d7yPwScq__fg==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1653476784037&site_uuid=9af198ff-22cf-4d4b-80d5-b58d0f23e539&hostname=www.westernjournal.com&ad_unit=westernjournal.com_Web_300x250_cmt_4&impression_type=il&device=desktop&country_code=DE
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ca00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 03:12:56 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
28423
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
QUr3tE5i2Opbb0xrX3wWEbiDNAXauj9TOeCFjVAPJwqHDbVFcAYwvA==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1354760339844&correlator=4375651607573945&eid=31067485%2C31060889&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=3366142293&sfv=1-0-38&ecs=20220525&fsapi=false&prev_scp=h%3D11%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3D2517a12224b6bbf04bf59fd26afb095e%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dbusiness%2520and%2520money%252CCalifornia%252Ccrime%252Cinner%2520city%2520crime%252Cmoney%252Ctheft%252CUS%2520news%26Category%3DNews%26URL%3D%252Frobber-ends-thrown-window-2-others-flee%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie=ID%3De9683a8dc8942371-2210a6889ecd00ec%3AT%3D1653476783%3AS%3DALNI_Mb3tePJWoMmeO4tsPhFDgvlURD8tg&abxe=1&dt=1653476784051&lmt=1653476781&dlt=1653476782038&idt=1014&biw=1600&bih=1200&adxs=302&adys=6305&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=807x290&msz=336x-1&fws=0&ohw=0&ga_vid=1784532977.1653476782&ga_sid=1653476783&ga_hid=366568556&ga_fc=true&btvi=2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
df79fd46e22e37c39e019c01efef8136306f14ebd17bb4e780fa0ae2d96fbd6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11968
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		466 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1354760339844&correlator=2874871699782378&eid=31067485%2C31060889&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=1787726081&sfv=1-0-38&ecs=20220525&fsapi=false&prev_scp=h%3D11%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3D2517a12224b6bbf04bf59fd26afb095e%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dbusiness%2520and%2520money%252CCalifornia%252Ccrime%252Cinner%2520city%2520crime%252Cmoney%252Ctheft%252CUS%2520news%26Category%3DNews%26URL%3D%252Frobber-ends-thrown-window-2-others-flee%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie=ID%3De9683a8dc8942371-2210a6889ecd00ec%3AT%3D1653476783%3AS%3DALNI_Mb3tePJWoMmeO4tsPhFDgvlURD8tg&abxe=1&dt=1653476784056&lmt=1653476781&dlt=1653476782038&idt=1014&biw=1600&bih=1200&adxs=302&adys=6595&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=807x290&msz=336x-1&fws=0&ohw=0&ga_vid=1784532977.1653476782&ga_sid=1653476783&ga_hid=366568556&ga_fc=true&btvi=3&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a52980b2600d3d00735350c0f73b766194f8a5d98a8a67b7ba5295026439e56d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ag.base.js
static.foxnews.com/static/orion/scripts/core/video/ Frame 579F 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/ag.base.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
4a225a6ea939f38eb6bcdbde85e588b4a04096b2d0c7fd9199a965cd2d9af140
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
IV.yvVPaCbbj3vwp4MWuq3BdD385PD40
content-encoding
br
etag
"233a3d42bfad0a6856fae8231c742e39"
x-amz-request-id
PDF34FQWRKEFEHTF
access-control-max-age
86400
content-length
10081
x-amz-id-2
/Y4HFfLQgVYXAiDFreND1FwW/BoMdkzigUOn2M2u/DUKygwTnSAmW3Q6GiagCjdwNUvQZGg1Osc=
last-modified
Mon, 23 May 2022 16:11:07 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:24 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=9632
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 13:46:56 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 08:26:42 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age
9582
x-amzn-requestid
3880673c-0594-4374-965f-7d3f4d7c8544
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6, FRA50-C1
x-amz-apigw-id
SrE6ZFMBCYcFheQ=
content-length
555
x-amz-cf-id
tCOxRjY7MfFZg3gikwyShTiO82YdIHZc3bvq6E00NGOGr3Q2BoPp8w==
ld.js
static.foxnews.com/static/leap/ext/shims/ Frame 579F 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/ext/shims/ld.js?v=202205091536
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9005d9e2fc2b5a7516b6756d055972ffc7134d17084d99457b9590567c4fc330
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Z0adwkKo0o25y0Oa2iWabzLm7IEuXMUb
content-encoding
br
etag
"3b53b698f71764584f8f30168ee3fc41"
x-amz-request-id
Z3EPQ9RZB4NB66A5
access-control-max-age
86400
content-length
16259
x-amz-id-2
n6EwdqjWDe4Ibgi9mbOIRMIF1Il71JzFL61HBcyITf7jAFJ3czCqTpBr2m1QVPqasUMXRYu2vU0=
last-modified
Mon, 09 May 2022 16:46:02 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:24 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=279610
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 16:46:34 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ 		0
0
client.js
s0.2mdn.net/instream/video/ Frame 1E7C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 May 2022 11:06:24 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 258B 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
416811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 15:19:33 GMT
expires
Sat, 20 May 2023 15:19:33 GMT
last-modified
Fri, 20 May 2022 15:15:44 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 5747 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
416811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 15:19:33 GMT
expires
Sat, 20 May 2023 15:19:33 GMT
last-modified
Fri, 20 May 2022 15:15:44 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
l3.aaxads.com/ Frame E191 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAXBDSLO9&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=0&slg=8PR6YK195&gq=westernjournal.com&vhuyqdph=ssp-serving-c968f5d8f-tj955&vyu=051810_374_052311_344_ssp&vf=HE&yhuvlrq=4&yk=0&yz=0&yvlg=&ylg=00001653476783864032397757444039&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=2&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=2&gdeg=2&ghqg=366&fhqg=35&hqg=234&gvwduw=37&fvwduw=35&vwduw=35&uhtxuo=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&nzui=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-117.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:24 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 25 May 2022 11:06:24 GMT
/
www.facebook.com/tr/ Frame C882 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.westernjournal.com
Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.westernjournal.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:24 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 1E7C 		896 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
ee06fd6c282a16aaf8b6e3a755fea755721f70bab3b9bd4ec112ba9518045a4f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
591
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pid=TbbCSPiJ4iLK1&cb=1&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22id%22%3A%22WJ_Vid_2%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2018001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
Y8RY19JFGK7XJCF42ZQ9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
9UEMZeaw5dTgXyepKWqS1VUW1bEwaD9kDLXd00d2gNUt0OkWdG0PYA==
1_th.jpg
img.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ 		34 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/1_th.jpg?crop=817:460,smart&width=817&height=460&format=jpeg&quality=60&fit=crop
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d038ff4ae7058861eedf4bf0230a0e5602c4d1a1c78e3eab15ffe2ae7670e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
br
age
49262
etag
"/tMS2lOrs4PhQDyqTI8lpiLQTRw0j8HHq1qWyQ9Afuk"
access-control-max-age
86400
fastly-io-info
ifsz=118353 idim=2560x1440 ifmt=jpeg ofsz=34793 odim=817x460 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
33788
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.108.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-108-222.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:24 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
articleCirculation.delivery.js
assets.revcontent.com/master/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/articleCirculation.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afb3ada963db430016044a2ed9373879b6b66f3909efe89bd5d0fa393dce144b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 17:09:38 GMT
server
AmazonS3
x-amz-request-id
PVVQSZGT7RQ4CS42
etag
"81a4ca92c4c8b90779dee1262dd5a1fa"
x-hw
1653476784.cds313.lo4.hn,1653476784.cds251.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
7083
x-amz-id-2
Cwe03JpePm8WBgqBbZrnejrjwFH7aOxtDtIAd35+gnpHohjX2xRkAflFueWlQ8WTlRaufD1ODQU=
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8ac424ddb4951f630d83dec2f6f214cb38dc44376b930f6e0a101c7b904df7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 17:09:38 GMT
server
AmazonS3
x-amz-request-id
PVVMMNXQ6V1TYM6J
etag
"7db7601c4f73908e76113744b3e37ddc"
x-hw
1653476784.cds313.lo4.hn,1653476784.cds004.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6544
x-amz-id-2
C0TxAa7eF2IzQTbDJ+XEfpSRzl4jSXRjDN0z1g6rb9KdiR49AWx4UCT8VIgotUF+5ICUqzpfXik=
defaultWidget.delivery.js
assets.revcontent.com/master/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6190e827506148090c19c2cd5bee26dddac06cf88cabb0c629d246954403877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 17:09:34 GMT
server
AmazonS3
x-amz-request-id
PVVMRFS8PCYDNDQ3
etag
"146e5768ab0cfe5e0c2de8ae521d713f"
x-hw
1653476784.cds313.lo4.hn,1653476784.cds238.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
5368
x-amz-id-2
J6Zs5d5hPaH/qfB4VnjXf79BwmqG93xWj5GO34zd+OZ0hdCnXozoyM+BH2/uogzkb7QA7LVhpsY=
commonModal.delivery.js
assets.revcontent.com/master/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec4cd1009be8e7307139487fa61b45497d5113f48f422613175ef82307339b34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 17:09:37 GMT
server
AmazonS3
x-amz-request-id
PVVVT4YVATJEPE87
etag
"636075efb9fce8f8e29064c84691234f"
x-hw
1653476784.cds313.lo4.hn,1653476784.cds039.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
1651
x-amz-id-2
Ighks38nPplh2WiWw4ujpph96d4XyKGL/hp8oGNsIWdu7t+HitIoPhHYUaUW8NJYUO1Rfttfe/Y=
A-60B151DA8288234CC8284E80-1.js
s3.amazonaws.com/js.revcontent.com/p0/js/ 		696 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/js.revcontent.com/p0/js/A-60B151DA8288234CC8284E80-1.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.112.245 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62b994e83624d746da4862895d63dd1fda14d7e851270b153f5335a9b74e17ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:25 GMT
Last-Modified
Mon, 23 May 2022 16:07:23 GMT
Server
AmazonS3
x-amz-request-id
X2XQQ06F77WM0YDQ
ETag
"0169736fdeced47eca992b1e9814de21"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
696
x-amz-id-2
u7gbUYdy01Mb9P7P5G/6NhA2oaLh1Eau7j22ngmZ8z279F7p5w11tJsUueJbcfKVRa2x0AWCqaE=
/
img.revcontent.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7f2eb2a201b5176b9b91d468c909cccbc8e7bac60742d8483eb5da5a95e80e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
last-modified
Wed, 18 May 2022 15:36:14 GMT
etag
"1652888174"
x-hw
1653476784.cds098.lo4.hn,1653476784.cds279.lo4.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8007
adview
securepubads.g.doubleclick.net/pagead/ Frame 7624 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiPgirw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTFA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hDQVIvEZn99f8lxYH-jN8mlOWf1RS0EFstmwfLTEzxrUhusW0-ozuAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM0Nzc1MzkxMjcwODAzMDMY-uMf&sigh=TxnaPjv7_HI&uach_m=[UACH]&cid=CAQSPwCNIrLMrRh4pjFQ47M0yy8gtADfIX2QHWYBBtqeCNYu0w8PuWIHSsSIQo3Hm83_Sy_PoT64Gw0HdH5sukAJdRgB
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7624 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kdnGEuv_CsoH-gGdg2ICAgAAADYKI-ExAcMcT1746RCvDY5iAedV1gB2N-hWDjEAEgAA&wp=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:23 GMT
server
Kestrel
server-processing-duration-in-ticks
253689
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DD13 		165 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2fb56c5cfd1409d24fe21b0ec48ea505159c128b0e155f283fc632818b621869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:24 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SbwPv6Y1igz4_OubGRdEyg3bzMVKN7WnC1KVGUgM2y-c7FIaYRf1FL7F7WF68p0J1GonNY10v2-REnle8sWhoSYg4YeWNTkgpWyd2UZEDknuLsSnFW9LEtZb7e5z8XhHD24ZcbYy3jtIOt2WkNqZ9OYhz5Krudk_wDVi49XChXYqC7WesaNar6fm0GUyhLePbnXOM-Y4TDGGoTuTxWcc1UlmgdVD2cg0ymA29yGp6a9JIxfar4Tjax7iOEi9dqaAn79YYw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
215397267
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 7624 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 10:53:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7624 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653305577626270"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 11:06:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 7624 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2621
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
5721884612586531857
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 10:22:43 GMT
l
www.google.com/ads/measurement/ Frame 7624 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfHueZE1NOBR2EV2m3IXGkJbI68ik47_j1wHXVtN07JTBRawCUybKHD0o4TMr4TTEKALAWaletgm5mipU7txFKs1u9lw
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7624 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 May 2023 14:07:23 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5C54 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 25 May 2022 12:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B2EE 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 25 May 2022 12:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4070 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 25 May 2022 12:00:17 GMT
prebid6.20.0.js
cds.connatix.com/p/plugins/ Frame EE2A 		427 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.20.0.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae64c4fccf5c2dec69bcfa480b61f7a4b38af9c9effe8de5a86bd000ea88c74b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 11:11:32 GMT
age
3014541
etag
"c749275a36a4a1eff60db7ff73bdc29a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
113452
embed.vendors~ondemand.en-js.acec6ae280b2e2f6ef87.js
platform.twitter.com/embed/ Frame 0B38 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.acec6ae280b2e2f6ef87.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAD) /
Resource Hash
931750573d4728b1437a7a6769a62596c3f1f011554e2e3f401c7dfd9fb18d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:24 GMT
Content-Encoding
gzip
Age
62255
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
13145
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6BAD)
Etag
"d2f883c771ed4b1c0f62ad00c6ca3a69+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.5ab403453815af8885c8.js
platform.twitter.com/embed/ Frame 0B38 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.5ab403453815af8885c8.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BBD) /
Resource Hash
735f1abaa77b0fb510261c9e7aa05ad695af92b888f85b6604f44d8653ce79dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:24 GMT
Content-Encoding
gzip
Age
62254
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1293
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6BBD)
Etag
"06f8c27a0df1bb9d1d88f152801cdda4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.1e1be839d2d2b69bdf78.js
platform.twitter.com/embed/ Frame 0B38 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.1e1be839d2d2b69bdf78.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA8) /
Resource Hash
7a4645fb7bd66c6fa3088677ee1a517deea83df27006a147e3dcd64387761ba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:24 GMT
Content-Encoding
gzip
Age
62256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1294
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6BA8)
Etag
"152e5ac13ebd99eabd94a11d7061d9ff+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
container.html
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:23 GMT
expires
Thu, 25 May 2023 11:06:23 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lodash.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 579F 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/lodash.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
661b47b1393b43fa76b501a82b7a77acfdda73961ff2172c0176ccec572f31d2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
At_rb_lqpQqZkwFTXcGSPsBZ0gtQDN97
content-encoding
gzip
etag
"f987819dc468d5ef88d80c31362d2b9f"
x-amz-request-id
3XWVECTDST2VKYEN
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
24276
x-amz-id-2
E8gVBW3y3P3DDluZ2Qjga46wQUVo33aBn62Ud4+y6SfRQ3EUxkDh7C8e3Hs9zDxibRkD+lcNCA0=
last-modified
Mon, 23 May 2022 14:40:00 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:24 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:24 GMT
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 7AA0 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
416811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 20 May 2022 15:19:33 GMT
expires
Sat, 20 May 2023 15:19:33 GMT
last-modified
Fri, 20 May 2022 15:15:44 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
page
comment.instiengage.com/live/comments/api/ Frame 4DC6 		84 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
184f7dfa6aa53dd1c2206d76053792666041e2aff178ec03c279322f7e30fea9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
710dcd3099952397-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
requestid
6fb21e0e-3a56-4d92-8007-62491568a078
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
938.json
id5-sync.com/g/v2/ 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/938.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a367ee81a8487c2297c3183c14a48a938f9a84ac6ff25f30b5613bbc2e7dc220
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:24 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.70.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-70-186.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e7d27dadae14b5445558f69d65d7412403de70d0d332bd9ab77fc0aacd14cecf

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache
x-server
10.45.3.17
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
963fb8460c0f17482a0d778c2711e21b8761f4a368ce86af35ba1b27d5df92b8

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 24 Jun 2022 11:06:24 GMT
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
70e5d3e6515e54f63f7bedad090ceeb8-0.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 3FE2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/70e5d3e6515e54f63f7bedad090ceeb8-0.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 18:03:26 GMT
etag
70e5d3e6515e54f63f7bedad090ceeb8
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
14092
70e5d3e6515e54f63f7bedad090ceeb8-0.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame C08B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/70e5d3e6515e54f63f7bedad090ceeb8-0.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.20.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-20-6.compute-1.amazonaws.com
Software
/
Resource Hash
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 18:03:26 GMT
etag
70e5d3e6515e54f63f7bedad090ceeb8
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
14092
jq.js
static.foxnews.com/static/leap/ext/shims/ Frame 579F 		128 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/ext/shims/jq.js?v=202205091536
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
4b2afecf587c031ea8cef56f84458c7674a3611df6cb7de095757054afe7bc69
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ZeWgz5B1VT0e.OjU.niUoU6XrTlSIpQB
content-encoding
br
etag
"8146a76f73263e1b4028f09c9b5c78da"
x-amz-request-id
4EKKVNERCY9W3KJP
access-control-max-age
86400
content-length
34025
x-amz-id-2
o1kye9ZJDp9mArFjssdr485lavtF25t0fAQsgCHcs2CLy8Kd8CX+HiXvszG58s/fKKLOy/cu3M0=
last-modified
Mon, 09 May 2022 21:24:42 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:24 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=303514
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 23:24:58 GMT
playlist.m3u8
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		309 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/playlist.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 21:24:02 GMT
age
34624
etag
"8a966507b13615ecdc1330a4bc9dcfe1"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
analytics.js
www.google-analytics.com/ Frame 3FE2 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5498
date
Wed, 25 May 2022 09:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 25 May 2022 11:34:46 GMT
analytics.js
www.google-analytics.com/ Frame C08B 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5498
date
Wed, 25 May 2022 09:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 25 May 2022 11:34:46 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DD13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:24 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DD13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DD13 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 20 May 2023 11:06:25 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DD13 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 20 May 2023 11:06:25 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame DD13 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6Oeob3qLD1U6JdEgXK1G6XIo9ZMkMb6mY_pm_bYjJSDtu5tHnEACG-MkeZedzMRjymQGS1xU35b4efzDrbf_sqXJ_Gchndr1XdiOISMXKxcw0GFBqYnM2U9c7NWeavsdafHnsAfkCLlPVKyLQodx4d-iRp-ZUO9Z4zk4KfaCKSn0jaxLFcQzIFc05tn9RHvtBym-GWwfHmt13GJSzvGNLwnfgInIHV8Rd1HfWEI0CJ7sVh6odijDzG9N011A3XObjtMsO5UsmbjE0VI_8THRB-1zyjP7XAW55WyROttpELAWqzolVndVNnRckCvGr-9NvhxFtcTczCy8jom55IJwgj8qmzX_qCYx5H-8xaWH-tkcddOi_wIF5xNYeLbdqhPCzZq7JxWzj8Txtkl5hwtcOudVY7cv_kLTZjEbF9T4Y6gxGbHLerptRWWsvY3MUp5F3SU6Yw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:24 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3329558
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
adview
securepubads.g.doubleclick.net/pagead/ Frame CC53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbG9hsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSKA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xQPmtniKRhMBQBkbR_xrbeyqoCiaPwe_8l9mHufxWHuZOcs-HsGrgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=dUGNivfdpuU&uach_m=[UACH]&cid=CAQSPACNIrLMfdrdl1cMcPPIqwa4rw5das0NytpENB67gADSf8VRIPpNhaZAgiKm6bjkRblKWvnevglywEIZeRgB
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame CC53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kf79Esc1rAL6AZ2DYgICAAAA4jhFWTNZss1PXvjpELANjmIQu8278Vw2Hwe8PAASAAA&wp=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
server
Kestrel
server-processing-duration-in-ticks
298289
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame C357 		125 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b00bf33297ea9cacd6f7755fb85d426cb82c86c283c667a5c8b95f8d4812a22f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:24 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=VekhiKY1igz4_OubvhxSrhBWzLV-89ksHeSNmRCkAnX6JQRASHssfzYDiac3Lqx-spR5Bou65bi97C3UL4Fi2Q3-G2IAGIasn3pj_SlCwGFGPdNDeL7iBa29YR3sfn28sbftceYnu-SIrgOZBBRloCFh6sZhcsDT0yZ4kdUl01aofyIA5HQCS1f5mbOfd494YSTCY-pCGrzmeLJWwuVTEEgCzIfvNvmc1z4rUywbkAyJ_fN-GmQOicF333UPXuRdFzfcdg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
63018228
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame CC53 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
750
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 10:53:55 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 331E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 26 May 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC53 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42522
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653305577626270"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 11:06:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame CC53 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
5721884612586531857
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Jun 2022 10:53:56 GMT
l
www.google.com/ads/measurement/ Frame CC53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZcEnmKLCiYVwodScdchdXDI6l1nv53v2Wzq32DqyuCOjGi6GbQ6auKKWtoSqp0ORtoWZjBk9bQkPeBJipwSAaCXHrqg
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CC53 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 14:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 May 2023 14:07:23 GMT
pixel
protected-by.clarium.io/ Frame CC53 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31g3teauqs&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI1NTA3NzM3MTQvd2VzdGVybmpvdXJuYWwuY29tX1dlYl8zMDB4MjUwX2NtdF8xIiwieSI6MCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC1jbXQtMSJ9fQ%3D%3D&sb=undefined&cb=8817701&h=www.westernjournal.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.7.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-7-106.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:25 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rc-logo.png
cdn.revcontent.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Mon, 23 May 2022 16:14:55 GMT
etag
"1653322495"
x-hw
1653476785.cds221.lo4.hn,1653476785.cds256.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=81340
accept-ranges
bytes
content-length
2091
impressions
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/impressions
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:25 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:25 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:25 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
0
impressions
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/impressions
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 25 May 2022 11:06:25 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 25 May 2022 11:06:25 GMT
x-envoy-upstream-service-time
0
Server
openresty
Connection
keep-alive
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-245.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 25 May 2022 11:06:25 GMT
x-envoy-upstream-service-time
0
Server
openresty
Connection
keep-alive
vary
Origin
config.json
c.go-mpulse.net/api/ Frame 2B6B 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=CV6U8-U7UEK-2PJG8-KJALW-TEX3Y&d=video.foxnews.com&t=5511589&v=1.632.0&if=&sl=0&si=agt8k33xff6-rcfquo&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=332665
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/CV6U8-U7UEK-2PJG8-KJALW-TEX3Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 May 2022 11:06:25 GMT
Connection
keep-alive
Timing-Allow-Origin
*
Content-Type
application/json
v2sxlYWhvCeLNGObb7IY8nP8RwdEElgFOKThq9T4wJCW6haAkMhLWEOk
breadbalance.com/ 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://breadbalance.com/v2sxlYWhvCeLNGObb7IY8nP8RwdEElgFOKThq9T4wJCW6haAkMhLWEOk
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
9e0fa38a4164a17e5edf089c6a218aae1e40770c759050eae1cf8402d9275bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"56acd7b7722da9e758ec54702c8ea3a45ca66262e90ce62a2f72478ba3b98299"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 25 May 2022 11:06:25 GMT
x-buildnumber
541459873
timing-allow-origin
*
0.m3u8
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		1 KB
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/0.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57160113d844b3513c94322875b5efa92f1ac34541066bb84628d1d13074518f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 21:24:00 GMT
age
41982
etag
"e3f1801c5448887c4642e44c225a3faa"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
372
environment.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 579F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/environment.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c2ab324a7ae790a41f540126678d783806829f0107c58c11ce5ab74a8a58eff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
9vPcjkrK05vMwiO_FbA2nWB_ZsjehgH1
content-encoding
gzip
etag
"2f5d6819c4d4e8256be503816a08192b"
x-amz-request-id
E5VRHSDD82HJQEPD
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
884
x-amz-id-2
YbaXy/ONovmdY0a/kMOKdrkWhViHsRgsHtAPFoh4e5QAQNP5A7LSZ157DCtWUvXkEu5vWVMVXjo=
last-modified
Mon, 23 May 2022 14:40:06 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:25 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=147
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:52 GMT
15668970320741716000.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15668970320741716000.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
954bbd3f40768c6f1ff787924ad7249aba7173e7cde1d893e93c0dafde73e780
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 11 Nov 2021 17:39:13 GMT
server
Cloudinary
etag
"d484ccf0ecfbaf64f9085a902aee13b1"
strict-transport-security
max-age=604800
x-hw
1653476785.cds322.lo4.hn,1653476785.cds087.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=95;cpu=1;start=2021-11-11T17:39:29.547Z;desc=miss,rtt;dur=0,cloudinary;dur=16;start=2021-11-11T17:39:29.584Z
accept-ranges
bytes
timing-allow-origin
*
content-length
18216
b4f855fd9538e2f5e0403f6a09b40c13.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/b4f855fd9538e2f5e0403f6a09b40c13.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a3508c11d37cd025a4f70a9ced5e095e5a74d4600b11ef201332d5a5583ecc8f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 12 Dec 2021 09:25:04 GMT
server
Cloudinary
etag
"177eabf8219cb11017c7280817b18491"
strict-transport-security
max-age=604800
x-hw
1653476785.cds322.lo4.hn,1653476785.cds261.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;cpu=0;start=2022-05-10T16:05:13.754Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
8810
621d6563bc90a2-80372385.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/621d6563bc90a2-80372385.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2323bf25cbfed2f1982e739f61ae5a645e288413119668c8b3fb430c73f01e6e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Mar 2022 18:59:06 GMT
server
Cloudinary
etag
"80d947e9613ffd7991a4aa7f159ec2a1"
strict-transport-security
max-age=604800
x-hw
1653476785.cds322.lo4.hn,1653476785.cds071.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=148;cpu=1;start=2022-04-19T19:13:05.555Z;desc=miss,rtt;dur=1,cloudinary;dur=68;start=2022-04-19T19:13:05.596Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10303
css2
fonts.googleapis.com/ Frame 4DC6 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae9199ddd05bc048e061634ce59a3c38c0698dac83e1e8500d382b898d2909ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://comment.instiengage.com/
Origin
https://comment.instiengage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:28:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 11:06:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 11:06:25 GMT
upvote.svg
static.hunchme.com/files/images/article-sentiment/ Frame 4DC6 		24 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.hunchme.com/files/images/article-sentiment/upvote.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1e00:e:6579:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41a17e937ad1280edb17ba6dc49ed70676cccdab3be42cf183b51b8287aff5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
DORgVXpxpOKFHK7Pvg19oI1BnfEPP8mg
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 11:49:51 GMT
server
AmazonS3
age
460
etag
W/"568980b2c62cdeb3d0607cc701779b95"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control
max-age=900,public
date
Wed, 25 May 2022 10:59:31 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
orrs6G60bTytroOfY_f8pc1bof47b3jBPJAMf1eVtQxwiM_4ziN93g==
app.js
static.instiengage.com/app-comments/ Frame 4DC6
Redirect Chain
  • https://comment.instiengage.com/live/comments/static/app.js?v=0.0.75
  • https://static.instiengage.com/app-comments/app.js?v=0.0.75
2 MB
488 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-comments/app.js?v=0.0.75
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Protocol
H2
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e541a26245742f30823b106a8f76c333d92d551c598abcbd6f26acaee47ef9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
FKS0cmxjV_VgW9Bis23pZ8kRE2CBKWpD
content-encoding
gzip
last-modified
Wed, 18 May 2022 15:54:59 GMT
server
AmazonS3
age
54
etag
W/"ea363a8a421f26547202ff10dce3380f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 25 May 2022 11:06:25 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
sJ72vsNeH7A1ajR7d8F9R_Fi-JR3CI6uEYjb4nRewABtDZlxFe08ZA==

Redirect headers

date
Wed, 25 May 2022 11:06:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-comments/app.js?v=0.0.75
cache-control
max-age=3600
cf-ray
710dcd346f2f2397-ZRH
expires
Wed, 25 May 2022 12:06:25 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/4I2fAtE5IxTlczNT3F91OckHtI5wfR7g/ Frame 579F 		369 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/4I2fAtE5IxTlczNT3F91OckHtI5wfR7g/analytics.min.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-41.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b12a065888b59148f1fc166020aa2f689d4ce6f1764c9cb917d7c5fc1170d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
QCpO.tqccVwhro4hrXa0dlDIi6z6rdt_
content-encoding
br
etag
W/"a8b5048c4132b532cf236d332a421d73"
age
8
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 10 May 2022 22:19:20 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Rkj0P9JorknEUsgJqsnb2PvOfpQSdcIUM18afgdg8PMVKU7VMXazFw==
embed.vendors~ondemand.Tweet.064ef547621667f0c5ed.js
platform.twitter.com/embed/ Frame 0B38 		450 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.064ef547621667f0c5ed.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B96) /
Resource Hash
2dd03edf39ceb2293a5942ee1925932d1efc47ac74080ca2e2ddd0fd2d35741c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:25 GMT
Content-Encoding
gzip
Age
60386
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Content-Length
128827
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:19 GMT
Server
ECS (amb/6B96)
Etag
"b9859d36946babed962152b2268dec32+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.6c11ed50c96e5d420222.js
platform.twitter.com/embed/ Frame 0B38 		78 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.6c11ed50c96e5d420222.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B74) /
Resource Hash
a3bd5bea68be00668989516cf333d2640354ba56fc05a68214ec5e6907e4658b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:25 GMT
Content-Encoding
gzip
Age
62255
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
17238
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6B74)
Etag
"8b357bdd85b3bfb897c4d9f81739e645+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
0.mp4
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de356c973c732d66a8c15b9822c944ba53a00edd380d6fc00822cc687ec0f46e

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-1330

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Tue, 24 May 2022 21:24:00 GMT
age
41958
etag
"6c3c65eb629b53fe6136203914beff5d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1330/14271471
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1331
truncated
/ Frame 7624 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f62d0f0a54abb58296eb05bb7d2d87340d9ba63fdf826e2a9cf391bc7770437

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame DD13 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
img
pix.eu.criteo.net/img/ Frame DD13 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=18240&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F18240%2F150217%2F837651.jpg&v=3&w=356&s=T-nQr82MD4TN_lbB6NdzcZAf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28580646
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
814
expires
Fri, 21 Apr 2023 06:10:31 GMT
img
pix.eu.criteo.net/img/ Frame DD13 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1491220117_VS_neu&v=3&w=800&s=6_09e8tjm2mTXGSuG8XJazPC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b9a122e608ce504e809c0cd8c2cfcb147bf1c311bcf28c9a576f76e8f9567cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
34196
expires
Wed, 25 May 2022 11:06:25 GMT
img
pix.eu.criteo.net/img/ Frame DD13 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F982889_Coin&v=3&w=800&s=i8WOYukRT_ZR7aftoUGLHiH9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5e47aec83e2829920e84c224a1806fe54122b276714a0f121292a2fd57de4718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
47076
expires
Wed, 25 May 2022 11:06:25 GMT
img
pix.eu.criteo.net/img/ Frame DD13 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1490770112_VS&v=3&w=800&s=9oP3PYQRJcqYRpI-e5o_cm3B&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ca534cf2ba32bb9ae097ac3c94721241f7e96c6b8121b8ada67a393f192d7420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
21672
expires
Wed, 25 May 2022 11:06:25 GMT
img
pix.eu.criteo.net/img/ Frame DD13 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F148942_1&v=3&w=800&s=JLMs7ptfMl2q5zjF9kapK3AX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
70e655d417518e626f55217b96fb61339e66460f196d7c999e968f085416361f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
53030
expires
Wed, 25 May 2022 11:06:25 GMT
all
csm.eu.criteo.net/ Frame DD13 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SbwPv6Y1igz4_OubGRdEyg3bzMVKN7WnC1KVGUgM2y-c7FIaYRf1FL7F7WF68p0J1GonNY10v2-REnle8sWhoSYg4YeWNTkgpWyd2UZEDknuLsSnFW9LEtZb7e5z8XhHD24ZcbYy3jtIOt2WkNqZ9OYhz5Krudk_wDVi49XChXYqC7WesaNar6fm0GUyhLePbnXOM-Y4TDGGoTuTxWcc1UlmgdVD2cg0ymA29yGp6a9JIxfar4Tjax7iOEi9dqaAn79YYw&sds=2&rev=81571&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:24 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DD13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DD13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame C357 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C357 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C357 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 20 May 2023 11:06:25 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C357 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 20 May 2023 11:06:25 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame C357 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VreMEVt1SmMsnlPsG6bAgHP_zRRORw7VDqECUNXToO4gnaHg6DI7MCyXk541kaY3KoKF8-a-qswy08J_GBcjWt7oIE2otE2m3CcS4f85NLmWJ-R6e5odjyMPkCA6zIhMLWOO3oAxdcKq7nSOnM5PtmrWJyXbJaqvew8ZUk3jF9krxnaNXfKESw3ZpJZ-RFONIJtYN8ZlJ8e-0pTP66FitQNnOMxR8FuVyF1325zpxQFJu2xqi9_YvlBT1A_8xEmSOct9sBIkGJPDq2yUi96IFtav6zNde-mmIxoQzBDYKDyMOzPVN9_EHRJhkgU1A6qW4sHgpohv-kkkiBseuNIa5AC5Sr1qY10rxuURqcKNHnzgCK6fUT4T4Wtq51Ubz4UP73eB8RyUKOoAnuX-WNnlDM6JehbaPBZkFgkfWaFkngkKdfRxsQPhmBq8Wioy7hWKar3CnQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:24 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3133442
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
css2
fonts.googleapis.com/ Frame 4DC6 		14 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae9199ddd05bc048e061634ce59a3c38c0698dac83e1e8500d382b898d2909ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:09:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 11:06:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 11:06:25 GMT
0.mp4
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		695 KB
696 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/0.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd6dc996ed0d5abb8476f977c88ff411f2dcf205d0cb79a5e07328d7fe079c7e

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=1331-713090

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Tue, 24 May 2022 21:24:00 GMT
age
41958
etag
"6c3c65eb629b53fe6136203914beff5d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1331-713090/14271471
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
711760
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C357 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3568763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIBk8mWkWJZiVeM2oO%2BZ%2F3P18puKBpC%2BdhjtmMa3k47FgFtouIVrjUeMvZUwz0tf6fOzN8IyBeT%2BeeLQpp9kyhala75sOaHb5zWyNaVDyU824Q9TSVMmD5u6AWgQ8KJjoxVX2HPLx0fI2tAAmQ3RFc6x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
710dcd34af9801f8-ZRH
expires
Mon, 15 May 2023 11:06:25 GMT
animejs.js
static.criteo.net/animejs/ Frame C357 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
dpixel
cms.quantserve.com/ Frame 331E 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFsc31zMwVA070bhu8JNNfw&google_cver=1&google_push=AYg5qPKYEdd95QcWOq7TttPSz0sa2c7pnFQWU8OO3-C4BKMxbtV32XDDgERuJvBv8rLHkfZt3jdfJOz8hpMqln7Cy_sw1FFYLrE
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 331E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDh3T2tuWHAxTlRPUXA1&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cver=1&google_push=AYg5qPIrYkLUjYjNnDv9cty-hIyHe5VpeB6-TLP0oOb40zL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDh3T2tuWHAxTlRPUXA1&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cver=1&google_push=AYg5qPIrYkLUjYjNnDv9cty-hIyHe5VpeB6-TLP0oOb40zL61nMgVZVCYANbxj5q4dBmSfrequ9YLUlrINQvtpebKYHebJUhgj64
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:25 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0d838a898723b026e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SDh3T2tuWHAxTlRPUXA1&google_gid=CAESEKAyWB675cHskfgI5BmfyjA&google_cver=1&google_push=AYg5qPIrYkLUjYjNnDv9cty-hIyHe5VpeB6-TLP0oOb40zL61nMgVZVCYANbxj5q4dBmSfrequ9YLUlrINQvtpebKYHebJUhgj64
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 331E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDlasJ34J2KDPr5LIjY-kRY&google_cver=1&google_push=AYg5qPIUQb3IzVW4eFcUI0QXSc3wjBR80feb6rzqoRgmtpk0rdUD-7dHsvIWp7RuNhcXcDtcQZ3o8uVZljL0iF-B...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIUQb3IzVW4eFcUI0QXSc3wjBR80feb6rzqoRgmtpk0rdUD-7dHsvIWp7RuNhcXcDtcQZ3o8uVZljL0iF-BJT7qJkrw6KH2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIUQb3IzVW4eFcUI0QXSc3wjBR80feb6rzqoRgmtpk0rdUD-7dHsvIWp7RuNhcXcDtcQZ3o8uVZljL0iF-BJT7qJkrw6KH2
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 25 May 2022 11:06:25 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIUQb3IzVW4eFcUI0QXSc3wjBR80feb6rzqoRgmtpk0rdUD-7dHsvIWp7RuNhcXcDtcQZ3o8uVZljL0iF-BJT7qJkrw6KH2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 25 May 2022 11:06:24 GMT
dot.gif
s0.2mdn.net/ Frame 331E 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEI2rvZmya5Yj3MTWeaX9UiY&google_cver=1&google_push=AYg5qPLBUJzhR3ZTbndZ3RY-ZvMsj3CtLMrMuz1fm9z6oaHOMxAmvwKgUtI4IvuMYrihk0aKSoyWKpdTPIB7bxWEvf81Z8KcwdbJ
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 May 2022 11:06:25 GMT
pixel
cm.g.doubleclick.net/ Frame 331E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH7D_keeAGtATvzCnEFtVzA&google_cver=1&google_push=AYg5qPJ_KC3TD98Sq8ToKlwacxbL79II3y6ys17uKRqf-mjlAQZBmjFTDdnGJdsj81JacqVbocmvihwUBMo3s-tU...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJ_KC3TD98Sq8ToKlwacxbL79II3y6ys17uKRqf-mjlAQZBmjFTDdnGJdsj81JacqVbocmvihwUBMo3s-tUL7PEUTWZ54WS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJ_KC3TD98Sq8ToKlwacxbL79II3y6ys17uKRqf-mjlAQZBmjFTDdnGJdsj81JacqVbocmvihwUBMo3s-tUL7PEUTWZ54WS
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 May 2022 11:06:25 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPJ_KC3TD98Sq8ToKlwacxbL79II3y6ys17uKRqf-mjlAQZBmjFTDdnGJdsj81JacqVbocmvihwUBMo3s-tUL7PEUTWZ54WS
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Df-evltjGPg7-8aLJ6ZoE2SWw-Xr-4j4R19i9CNSOMCkbxEggl-YwQ==
pixel
cm.g.doubleclick.net/ Frame 331E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP&redir=https%3A%2F%2Fcm.g.doubl...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP&google_hm=
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJPYutBplsVloojNhd2KkGZxko6lYAL6V1bFNE00xaSQ55VlJiOuhtMHI6xitrzmoQ2bqpsriKHpAofExZNWfm7Igw2MffP&google_hm=
cache-control
no-store, no-cache, must-revalidate
expires
0
pixel
cm.g.doubleclick.net/ Frame 331E
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGLu3QZTJivodHxQkeTKuUk&google_cver=1&google_push=AYg5qPI7WHE7m3zbUjqV21xmHMyODgtLrSh3afw1u5NZZxJdbFZhK46OPIKbopUr4uRNSnnNVIjWBnFpsWdkihOfNto9P2TMfnSr
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&mn_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI7WHE7m3zbUjqV21xmHMyODgt...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&mn_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI7WHE7m3zbUjqV21xmHMyODgtLrSh3afw1u5NZZxJdbFZhK46OPIKbopUr4uRNSnnNVIjWBnFpsWdkihOfNto9P2TMfnSr&gdpr=&gdpr_consent=
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&mn_hm=Mjk2NDc4Mzg1NzU3NzEwNjAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPI7WHE7m3zbUjqV21xmHMyODgtLrSh3afw1u5NZZxJdbFZhK46OPIKbopUr4uRNSnnNVIjWBnFpsWdkihOfNto9P2TMfnSr&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 25 May 2022 11:06:25 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 331E 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KACrV-yAobdYmPlRh677NdNr5AgIjdDbTAtKvrEyccsGzp7tIET2LstyMtvWExPk6eW16G
Requested by
Host: bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
URL: https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame C357 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame C357 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
modernizr.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 579F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/modernizr.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d170c118836677fb2af57bb0bbf7f3ed11de3258b6586b9a3b695943ea1c2ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
AFO7AxgwhKI3_j0bd2ITViWREyB7ydqh
content-encoding
gzip
etag
"59263597447bd2b3f22cea851e78672d"
x-amz-request-id
XKEW6SPRTX0PZPQ0
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
2780
x-amz-id-2
lHy7ORB6Rm13ZFlTFWb7WfEWDoHbjr9klmg+dMxtiy5TFgjvmpGrBtl+NF87/CXCWKWnlrgNzRA=
last-modified
Mon, 23 May 2022 14:40:00 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:25 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=280
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:05 GMT
img
pix.eu.criteo.net/img/ Frame C357 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fad5defe2-8433-4070-984a-2c4e3e436eb3_39dfbab7-fe5c-4b6f-9d34-af57818eb1a7.jpg&v=3&w=400&s=Qhu5PRVdyoqMoGdlkiyEh23F&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1798f0a9d19308f6ccf1923ccd7377652467fc81bad168a528a9ca043f5b16f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=435032
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
40938
expires
Mon, 30 May 2022 11:56:58 GMT
all
csm.eu.criteo.net/ Frame C357 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=VekhiKY1igz4_OubvhxSrhBWzLV-89ksHeSNmRCkAnX6JQRASHssfzYDiac3Lqx-spR5Bou65bi97C3UL4Fi2Q3-G2IAGIasn3pj_SlCwGFGPdNDeL7iBa29YR3sfn28sbftceYnu-SIrgOZBBRloCFh6sZhcsDT0yZ4kdUl01aofyIA5HQCS1f5mbOfd494YSTCY-pCGrzmeLJWwuVTEEgCzIfvNvmc1z4rUywbkAyJ_fN-GmQOicF333UPXuRdFzfcdg&sds=2&rev=81571&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:25 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C357 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C357 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 11:06:25 GMT
truncated
/ Frame CC53 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c74f2ba0a2c851e1b867152898803065e070fed1fda88cbdc3acd6842e368bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/png
24f27659f7ed4a03a2bc180078a0dbf7_nov21_carmoods_23sek_9x16_1_5.mp4
static.criteo.net/design/dt/2000/220429/ Frame C357 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2000/220429/24f27659f7ed4a03a2bc180078a0dbf7_nov21_carmoods_23sek_9x16_1_5.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Fri, 29 Apr 2022 14:32:18 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"626bf6f2-2b2a75"
strict-transport-security
max-age=31536000; preload;
content-type
video/mp4
Content-Range
bytes 0-2828916/2828917
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
2828917
expires
Sat, 20 May 2023 11:06:25 GMT
gtm.js
www.googletagmanager.com/ Frame 579F 		155 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX4GF4X&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/4I2fAtE5IxTlczNT3F91OckHtI5wfR7g/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8188610943da4524df3f356b04e47827a5e62a7955c97a8d3319ea75279d652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46074
x-xss-protection
0
last-modified
Wed, 25 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 11:06:25 GMT
truncated
/ Frame 4DC6 		721 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
04%20-%20news.svg
static.instiengage.com/avatars/ Frame 4DC6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/04%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6386ea013071217755d9a338da272ee8412ee5f89bc901fbb84d5ce774250b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
VzzIjvidZOWN.mD_r3KFbnRbGyjvaz8Y
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:34:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"57e1e230d710fe5acaf84678a0505d7b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:06:26 GMT
x-amz-cf-id
D-stGGfMvG3lZJ_IDiPt3MZJA3bYw0zAOvZnmb_Z_N6KlnTRZfJHMw==
09%20-%20news.svg
static.instiengage.com/avatars/ Frame 4DC6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/09%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
846339e8fd4f5615b523b1b65423fa2cee96e43d63398c9e2470b4160129723e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
XqkVc.q_y8tl355Mu_y_4xmZ3Y_1.6Ci
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:32:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"fa6a0f9148778f98b51cac15665b04d6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:06:26 GMT
x-amz-cf-id
H0Wrh5vBAYnVyAxdz1D1Pr8sn7QIcM1R99lhsbAGtIT9zPQ6SUDf_g==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 4DC6 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://comment.instiengage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 23:32:09 GMT
x-content-type-options
nosniff
age
128056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 23:32:09 GMT
truncated
/ Frame 4DC6 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e970dfa8dd32731a548479e02ce936b96864633f9cc2272c50cd952a2c254c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
tweet-result
cdn.syndication.twimg.com/ Frame 0B38 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_tweet_result_migration_13979%3Atweet_result&id=1528858595269709826&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.f34a0f34273ac52f3e51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
ab8ea95a15308bf6f93bc0ff03988c286e6d8cce8b110748314abcbf1fa49938
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"711-7bk/iLXKLKSlUFdgPZxu/UEUyHM"
x-powered-by
Express
access-control-allow-methods
GET
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=151
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
141
server
tsa_f
x-frame-options
SAMEORIGIN
date
Wed, 25 May 2022 11:06:25 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
fbe7b36a60e9861c4e027e07516dc1d42452217a8a657fb96abb511b1cfee32d
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
cookie.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 579F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/cookie.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2e8c7ffd18fee1a209683f34a9c118ae8689ae2f36c0da3c99376637d605a14
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
b3e.G0_vfBqi82Xy4fwV8f7.Y_L5EviS
content-encoding
gzip
etag
"62e9578e17f609ace39d3e458a2032f3"
x-amz-request-id
XKERVZ53C0VZV2ZJ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
746
x-amz-id-2
nImNVDsfRqnuNRauDBhCltT05P0kM8TNSFBp/Q2cEnAmx18K0tUw5SFlNsiArj3C1izaHZTAhps=
last-modified
Mon, 23 May 2022 14:40:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:25 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=294
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:19 GMT
24f27659f7ed4a03a2bc180078a0dbf7_nov21_carmoods_23sek_9x16_1_5.mp4
static.criteo.net/design/dt/2000/220429/ Frame C357 		43 KB
43 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2000/220429/24f27659f7ed4a03a2bc180078a0dbf7_nov21_carmoods_23sek_9x16_1_5.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a6e75d35d7449b48533305b1d3c0e2b779a91c2334abb413ee55d476b02316c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=2785280-

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Fri, 29 Apr 2022 14:32:18 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"626bf6f2-2b2a75"
strict-transport-security
max-age=31536000; preload;
content-type
video/mp4
Content-Range
bytes 2785280-2828916/2828917
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
43637
expires
Sat, 20 May 2023 11:06:25 GMT
vendors~editor.js
static.instiengage.com/app-comments/ Frame 4DC6 		251 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-comments/vendors~editor.js
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8478fad0641bb92a6a8a4a8e3189a40120a94f9038c6c393bbde1d7cd2558c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
R4LiWizd7SSHMLrtqVe5CwGx3cg8P8w4
content-encoding
gzip
last-modified
Wed, 18 May 2022 15:54:59 GMT
server
AmazonS3
age
39
etag
W/"683bbfbbfd8f0858972c11b3d42f1551"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 25 May 2022 11:06:25 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
NcD3QOfiMD9MIbnb8aNhdmpE7GYP4SfdCcxthA822wD1jr-XNdDhyw==
editor.js
static.instiengage.com/app-comments/ Frame 4DC6 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-comments/editor.js
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5264809f3c74ef6f5ab5f0253eab6911fefb461b983c67a5d8bc261eb15fa156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
wqAq70HxztWFtTRrTFQEAqeFLPs2YMZ1
content-encoding
gzip
last-modified
Wed, 18 May 2022 15:54:59 GMT
server
AmazonS3
age
39
etag
W/"b9e6e1a14773ae816f20af8008ee4ecf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 25 May 2022 11:06:25 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
oKESRGRHcI3M1YeGCp99xuiEBwd70KZQTI2k8trssZARz2HI3uz_qg==
akamai.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 579F 		156 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/akamai.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
287d6c6ff4477ced7bd93cd1daf4cbd0dd741c0d1da858d0b7c9f074259f5570
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
XfqpnB09WqDRu.xNVBMsoYCTQrEOu0KE
content-encoding
gzip
etag
"5d70f922eb6dee6d2e17bd747d1726e3"
x-amz-request-id
XKEG7V07V80AT3MQ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
148
x-amz-id-2
S76AaWv5BC+8BsiBXcNfOXGkVA73mc66gyMvWVAPGPcAaWbRck0u50MoN/1qZDPGDViihCB+33k=
last-modified
Mon, 23 May 2022 14:40:06 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:25 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:25 GMT
embed.vendors~ondemand.TweetVideo.ecad698481795eeae985.js
platform.twitter.com/embed/ Frame 0B38 		176 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.ecad698481795eeae985.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC5) /
Resource Hash
f317add750ddd447d1ce8af46bf6c7be72e20dc7b62bab2e6ebe76c49be28298

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:25 GMT
Content-Encoding
gzip
Age
62256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
49322
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:18 GMT
Server
ECS (amb/6BC5)
Etag
"a82679f04f9d39f337190d89f2d49abc+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TweetVideo.8a01957432c51b5863df.js
platform.twitter.com/embed/ Frame 0B38 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.8a01957432c51b5863df.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B90) /
Resource Hash
0c6c069d5fdc30190dc60080cee03972d2d3bd56683dd9c9cdeec954f727c949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:25 GMT
Content-Encoding
gzip
Age
62256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1828
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6B90)
Etag
"1204fbb1ad9c94c1d385215b27a1ae98+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
1f3f3-fe0f-200d-1f308.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 0B38 		409 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f3f3-fe0f-200d-1f308.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e61740534a2e504dc51482175d5c9c75e219d1a0f48ca6af3fefe9e0d0bdb8d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
246
etag
"o4pwOIqf+57eJx5BFCqPLg=="
x-served-by
cache-fty21322-FTY, cache-hhn4022-HHN
last-modified
Tue, 08 Mar 2022 20:09:36 GMT
date
Wed, 25 May 2022 11:06:25 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 10 Mar 2023 00:17:30 GMT
jot
syndication.twitter.com/i/ Frame 0B38 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653476785863%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22WestJournalism%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22realAndrewJose%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22e859ee543b37a%3A1653412767716%22%2C%22item_ids%22%3A%5B%221528858595269709826%22%5D%2C%22item_details%22%3A%7B%221528858595269709826%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
107
pragma
no-cache
last-modified
Wed, 25 May 2022 11:06:25 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2febeeb5f9587264cd142568e289ea079862b84fe2499937224b042c9807034d
x-transaction
ae6da57317e6c884
expires
Tue, 31 Mar 1981 05:00:00 GMT
page
comment.instiengage.com/live/community/api/ Frame B975 		44 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f4d15966c515898f738808857b88916701771db963b82919260bea2b14f80e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
710dcd37cc282397-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
requestid
bdc0c449-4f7f-4de7-bc7c-91d62026cb49
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
metrics.js
static.foxnews.com/static/leap/sites/fnc/ Frame 579F 		1020 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/sites/fnc/metrics.js?v=202205091536
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
be36dfbf79459fb834d7660117f55a0dc5dd29ee4e9c3d775dd8e5c78b05b578
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
CInDWAcvMWQY9aXCrXuCTMWg8ibvFDNP
content-encoding
br
etag
"ac403880b2a68017513a22c2b96cfc99"
x-amz-request-id
3ESACPWS336V4DGV
access-control-max-age
86400
content-length
458
x-amz-id-2
3Re94PXmQav9fOBbSV1X3YyAwlTzKzcX/2DCDrIXVhRJPbXWPgfy+RNjRJl/DkiIeSgYgPANmIA=
last-modified
Mon, 09 May 2022 15:49:36 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:25 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=276293
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 15:51:18 GMT
1.m3u8
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		1 KB
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/1.m3u8
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37c86764f33e1f10ddc13e7a5d0e82918084822ec862e8bb5d9451cc36323c1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 21:24:02 GMT
age
21077
etag
"01c7d037a5e894a000f006e2b7853ade"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
394
1.mp4
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/1.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fea216874f9857383d94b69257e9d95b9795a0378de8794b47e6dffa0e60c3f6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=0-1328

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Tue, 24 May 2022 21:24:00 GMT
age
20514
etag
"6f1548920922f4f817692feafc06d0f0-5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1328/24774625
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1329
2w71OcJP_normal.jpg
pbs.twimg.com/profile_images/1265070746931302401/ Frame 0B38 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1265070746931302401/2w71OcJP_normal.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.159 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c763f9182f048caaaa5ae766fea3cacaf8a8b68af18242da389903e050cc3ee9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Tue, 26 May 2020 00:00:24 GMT
date
Wed, 25 May 2022 11:06:25 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
2187
x-served-by
cache-lhr7371-LHR, cache-muc13936-MUC, cache-tw-ZZZ1
is.authenticated.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/is.authenticated.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
8268b1ab77cdb2423bff8159405190e4c8db1a55287f20d4157bb42a99503e1c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
O_61_hlaDJ8nGnu99A9wMQOxgZaL4lLH
content-encoding
br
etag
"8ed33a4ca0d74f8207fcbf86f44d4b6e"
x-amz-request-id
T8YBQE1RAAGW8RBP
access-control-max-age
86400
content-length
742
x-amz-id-2
kjNfFLzwPFrBwi6JxNpdX3sAMEqwfU1dBDLEAK3IfKHpieDZyNVQdMJvDcN4XsNnHUL5qStAsIA=
last-modified
Mon, 23 May 2022 14:49:47 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:25 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=83535
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:18:40 GMT
1.mp4
vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/ Frame 1E7C 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-360e998e-de7b-4e4c-a145-dc1919ba2590/788973d1-c859-46c7-b423-1617e55cca14/1.mp4
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/163691/hls.5b3b785f487abbe00eee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc44e20529bdeea0cd55ac9fe85b6a6bc91ae3b6198ed6451c62c200a026fc23

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range
bytes=1307785-2574389

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
last-modified
Tue, 24 May 2022 21:24:00 GMT
age
21077
etag
"6f1548920922f4f817692feafc06d0f0-5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1307785-2574389/24774625
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1266605
event
event.instiengage.com/v1/ Frame 4DC6 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://comment.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://comment.instiengage.com
date
Wed, 25 May 2022 11:06:26 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://comment.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://comment.instiengage.com
access-control-max-age
3600
content-length
0
date
Wed, 25 May 2022 11:06:26 GMT
vary
Origin
truncated
/ Frame 4DC6 		942 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		864 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8d26986018cd62496d1071f0f70b61a92574a009ce90c360ef3c36a4a2b6055

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
030ba290b8dfcad619974df808d6aa3648e942a6ace49c43dbde16516ca57496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f75e1bbca672b869ac0799c300c0901f0bf6e4f53c32c20387179563b848bf7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 4DC6 		855 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
embed.vendors~loaders.video.VideoPlayerDefaultUI.f312621e634f73728622.js
platform.twitter.com/embed/ Frame 0B38 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.f312621e634f73728622.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B90) /
Resource Hash
6923042b81eb27352d3150b07fc588b5dbff1a2734bf26daee080111dd075e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:26 GMT
Content-Encoding
gzip
Age
62257
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
34309
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:17 GMT
Server
ECS (amb/6B90)
Etag
"9017aff0bc980e6996ad8c6fd9e1b612+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
platform.twitter.com/embed/ Frame 0B38 		252 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.ca69338794d6f082726f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB0) /
Resource Hash
c8ea83a252003ab0baa8fb4a323192cd71849dc6362dd2bc532a31c9ffb2c94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=realAndrewJose&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NlbnNpdGl2ZV9tZWRpYV9pbnRlcnN0aXRpYWxfMTM5NjMiOnsiYnVja2V0IjoiaW50ZXJzdGl0aWFsIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1528858595269709826&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=28802c4d907eb191d2c30b1edaa13d7b0bab5a20&siteScreenName=WestJournalism&theme=light&widgetsVersion=c8fe9736dd6fb%3A1649830956492&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:26 GMT
Content-Encoding
gzip
Age
62257
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
75355
x-tw-cdn
VZ
Last-Modified
Tue, 24 May 2022 17:45:18 GMT
Server
ECS (amb/6BB0)
Etag
"1a656c03af2f52357667876d31757ac2+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
1q0f7rVq3RcIvd96.jpg
pbs.twimg.com/ext_tw_video_thumb/1528837976045789185/pu/img/ Frame 0B38 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1528837976045789185/pu/img/1q0f7rVq3RcIvd96.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.159 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a9180d4efbd2cc9bb1df5d3a43ddaabbe126beaa39e7c22e552487133bfc4fc2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
118792
x-served-by
cache-lhr7333-LHR, cache-muc13936-MUC, cache-tw-ZZZ1
localStorage.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 579F 		1 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/localStorage.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6080df858f81b0a3c906ebc8097088f92bd4d5b67b7da878b1d6a33b0fe4a397
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
sovlviHlhf7W2QdUp49EfNQYcW1VgpuC
content-encoding
gzip
etag
"fcb9b549852534fef53db13b525982c9"
x-amz-request-id
XKEKHQHCJRH1AQTJ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
473
x-amz-id-2
DA3bFcKMg0OQCv0b5fI+wVDPpffepagamGur1uJcQaGV23qnGxdtUcA6NI6a8jkxz5cNtq17F3U=
last-modified
Mon, 23 May 2022 14:40:06 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:26 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=240
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:10:26 GMT
event
event.instiengage.com/v1/ Frame 4DC6 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.75
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://comment.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://comment.instiengage.com
date
Wed, 25 May 2022 11:06:26 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.127.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-127-29.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://comment.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://comment.instiengage.com
access-control-max-age
3600
content-length
0
date
Wed, 25 May 2022 11:06:26 GMT
vary
Origin
v2recGtOP03Ddi1i4EcOVVIFz_2Egc1aQKw7e1FhagzzPD_41p3g0k6BugCqDUQKIVcJl2xuv
breadbalance.com/ 		209 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breadbalance.com/v2recGtOP03Ddi1i4EcOVVIFz_2Egc1aQKw7e1FhagzzPD_41p3g0k6BugCqDUQKIVcJl2xuv
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
a86a71b2f97e8da3c68fc6a1c8727b7bd441808ced5916b2482b4177c5843dff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Wed, 25 May 2022 11:06:26 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
541459873
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Wed, 25 May 2022 11:06:25 GMT
get.video.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/get.video.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9621992c0df2048c8da0de19be2d8343de514dae4aabe63b753bcc916a94b547
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
IMVpjNLRiKk3G3lvVv3vj83EeK_nBwgj
content-encoding
br
etag
"d15c5a809e85ad22f135d72ccd7054fc"
x-amz-request-id
288F2TQD5AXQZ046
access-control-max-age
86400
content-length
792
x-amz-id-2
h6f4sQIcJuzabTL/7KlDiJTKvSsl/gkRv2uT1m7eHyfAkQ7MINTQDh60VPO5pDsobNa0/qO7Uhk=
last-modified
Mon, 23 May 2022 14:49:11 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=83706
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:21:32 GMT
1q0f7rVq3RcIvd96.jpg
pbs.twimg.com/ext_tw_video_thumb/1528837976045789185/pu/img/ Frame 0B38 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1528837976045789185/pu/img/1q0f7rVq3RcIvd96.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.064ef547621667f0c5ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.159 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a9180d4efbd2cc9bb1df5d3a43ddaabbe126beaa39e7c22e552487133bfc4fc2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
118792
x-served-by
cache-lhr7333-LHR, cache-muc13936-MUC, cache-tw-ZZZ1
css2
fonts.googleapis.com/ Frame B975 		14 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae9199ddd05bc048e061634ce59a3c38c0698dac83e1e8500d382b898d2909ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://comment.instiengage.com/
Origin
https://comment.instiengage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:54:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 11:06:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 11:06:26 GMT
N6CEiS1STZ92RhTe.m3u8
video.twimg.com/ext_tw_video/1528837976045789185/pu/pl/ Frame 0B38 		642 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/pl/N6CEiS1STZ92RhTe.m3u8?tag=12&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57effcfd85a27eaa64041ce7685aa6f916bfa72da741d9d7fcc2fc5d7fd403fc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
content-length
303
x-served-by
cache-lhr7335-LHR, cache-hhn11523-HHN
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame 0B38 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1653476786126%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22WestJournalism%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22realAndrewJose%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22e859ee543b37a%3A1653412767716%22%2C%22item_ids%22%3A%5B%221528858595269709826%22%5D%2C%22item_details%22%3A%7B%221528858595269709826%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A2366.3999977111816%7D&dnt=1
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Wed, 25 May 2022 11:06:26 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
2febeeb5f9587264cd142568e289ea079862b84fe2499937224b042c9807034d
x-transaction
f7a2de97e7356216
expires
Tue, 31 Mar 1981 05:00:00 GMT
css2
fonts.googleapis.com/ Frame B975 		14 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae9199ddd05bc048e061634ce59a3c38c0698dac83e1e8500d382b898d2909ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:19:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 11:06:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 11:06:26 GMT
1q0f7rVq3RcIvd96.jpg
pbs.twimg.com/ext_tw_video_thumb/1528837976045789185/pu/img/ Frame 0B38 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1528837976045789185/pu/img/1q0f7rVq3RcIvd96.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.159 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a9180d4efbd2cc9bb1df5d3a43ddaabbe126beaa39e7c22e552487133bfc4fc2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
118792
x-served-by
cache-lhr7333-LHR, cache-muc13936-MUC, cache-tw-ZZZ1
activeview
pagead2.googlesyndication.com/pcs/ Frame 7624 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIhdubOlnlESveHXWojZcu4vAb7v5y1yxEAedqCS7rmglIx8fjAYAIvQVs7NFVEkImcFf3h5APH_hZRBF7TVNb&sig=Cg0ArKJSzGwxLN6FCyj9EAE&id=lidar2&mcvt=1020&p=310,315,560,1285&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1409352590&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653476783958&rpt=1087&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mvpd.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/mvpd.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
e9d642fa3d01df57972136c2a3eb324182be6dc1aa6f60a48e77ee2e3e0326ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
eSLbc69NILo3HfqfmKX4bKDJiG1WSqTo
content-encoding
br
etag
"3c3f2f9c4e7f60d1ef5d77989eb8b88e"
x-amz-request-id
01C0QMVQGTBHP4MM
access-control-max-age
86400
content-length
1605
x-amz-id-2
S/apcV30Vpk0iA/UkpuX9anOQD4trBNn2mp12mSVpptSm+giGtyooI2WsQvZx7bxIuIrFuIRWeE1wBBiFHcqjw==
last-modified
Mon, 23 May 2022 15:25:55 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84988
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:42:54 GMT
07%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		1 KB
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/07%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2411c793f521e4b4549af40a97c9ad3bbe3cca8c2013b7f8ffdd5342b89c070c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
2spTMN6c8kzKlEI782YKUOTESYehkh_r
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:33:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"0e0c98aed0059e039331d19027f90a25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:06:27 GMT
x-amz-cf-id
k9ShGAYSEfm67d5jfk88Ywd16gl6G3QTI2_PyR6EBlIQgsEvmi1GoA==
05%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/05%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8717d1b4663b3365bf17c1b34ad380781c25a90cce2e819ff91857236ccd4c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
H4VPAgKlTU7bDTfsuQ64V68hDlNzr4Na
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:34:03 GMT
server
AmazonS3
age
157
etag
W/"3b11138638ec59db581cb9dfc62a7768"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:06:26 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fU49_WsqhVJgVxocO38DU0tSmQvy7ybSykSiAKZ8klDCU-Qwb1eH-g==
12%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		1 KB
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/12%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4feb9bb4d0d5e22257b1c47a2b663f402f40fbc8ef314a40db7b6f49647ea52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
dvMgbiDO0pcKVXiRsZ3FobD1XJ2OaIYI
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:30:59 GMT
server
AmazonS3
age
178
etag
W/"f3398ae6a35199d40a09459f92d770eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:04:01 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LfEWgwpafTqYQ6HCqekZRJTbfatRA4-tLXE9O8jQKnpTi6syXpeTBg==
03%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		924 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/03%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21f6baf6f437f5ae0d94897041095becbd1c836b75f5111bd2c2c620f8a4d6b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
NNTj86SoTtyqYsdKW5yDcXOqVWsJQQHe
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 12:34:44 GMT
server
AmazonS3
age
283
etag
"29cec791822c1b59d513bc9a5a0c0e85"
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Wed, 25 May 2022 11:01:44 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
924
x-amz-cf-id
_SCAl7kWbrMV7nOGxpnWhb7DRLjxP0b-T4W02IlWFW2kYH3oobSR2g==
13%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/13%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4182666b867c3a3a51a46d83c47655c8b6371ac57666a87d998e06bf4387771b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
5Mm33eg6KcLDGah576gVAwu8A6WBZLdb
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 12:30:48 GMT
server
AmazonS3
age
157
etag
"62fd24cfe6cd321a1b07baf3119d06e5"
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Wed, 25 May 2022 11:06:26 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
968
x-amz-cf-id
UA6ytck88u5jIf0N62fgXSxhfO6ju7ioTVfQEuhXz2AzHUXa0FeqnA==
01%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/01%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bfdf79d9dcc07585ff31f266d0725a9108122726ce789c7997d2d301a3257df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
MVdTEQpApypKPcw48ItuUvC4XxW8_yW5
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:35:23 GMT
server
AmazonS3
age
157
etag
W/"020a0ac79615d42effed9641351fe30e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:04:01 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
L6EZqsXuLLAeAUiGeaSfx-4POZ0-x-w4y3mjJ-2fw-pUCfRQZDVn6A==
11%20-%20news.svg
static.instiengage.com/avatars/ Frame B975 		1 KB
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/11%20-%20news.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5de1d1b3bb2946f6e2a697ff3c94d88f9bc4622c34cb7945ff348314fe703c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
xnmJ2rz5VDhAlqRIgCZw9EpUcPZryat2
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:31:52 GMT
server
AmazonS3
age
171
etag
W/"74ad127eb7b9e59b496e1afc6c7eba25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:03:36 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
fB9rkyJ_O2fy9ja3FBKIV2kYCIDmBCoJFDT6DF5u1OwGDNrtvRif6A==
jtPIVFcwQr42dFHa.m3u8
video.twimg.com/ext_tw_video/1528837976045789185/pu/pl/490x270/ Frame 0B38 		2 KB
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/pl/490x270/jtPIVFcwQr42dFHa.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1050caf354a85c273a42414764560ed7f63df48f3c72b769e0c4f2bffe4398a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
content-length
603
x-served-by
cache-lhr7335-LHR, cache-hhn11523-HHN
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
vendor.dll.js
comment.instiengage.com/live/vendor/ Frame B975 		710 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/vendor/vendor.dll.js?v=^3.0.9
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb5f176b50a38ec4bb8b59d76e6f0bc7935777109b5310fd206d9ad087c8520
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 May 2022 15:16:16 GMT
server
cloudflare
age
147
etag
W/"62850dc0-b1d1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-polished
origSize=728347
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
710dcd3a2fb42397-ZRH
cf-bgj
minify
app.js
static.instiengage.com/app-community/ Frame B975
Redirect Chain
  • https://comment.instiengage.com/live/community/static/app.js?v=0.0.42
  • https://static.instiengage.com/app-community/app.js?v=0.0.42
1 MB
306 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-community/app.js?v=0.0.42
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47324606dcc35439ab3da6273da4942b0961bc1e522f7f51c4269b4f75858062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
80Il3Z.gMbpKcDN.vhFWdVophZ.JSuLm
content-encoding
br
last-modified
Tue, 17 May 2022 11:14:33 GMT
server
AmazonS3
age
280
etag
W/"60c88e81a62ed163816ed575ec97be35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date
Wed, 25 May 2022 11:04:01 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ytDscBQWr39eWG5w3i9EH_tOCMwhPM0aZbQoFbrwDczYJHKuwjTdEg==

Redirect headers

date
Wed, 25 May 2022 11:06:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-community/app.js?v=0.0.42
cache-control
max-age=3600
cf-ray
710dcd3a2fba2397-ZRH
expires
Wed, 25 May 2022 12:06:26 GMT
q20ofMQ51uj6Aw3n.mp4
video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/0/490x270/ Frame 0B38 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/0/490x270/q20ofMQ51uj6Aw3n.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ae3bf4ec20c5838557667f965a6bdfdaaa8477a296ea7eb24ec725005e6afa7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
content-length
1131
x-served-by
cache-lhr7361-LHR, cache-hhn11523-HHN
overlay.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/overlay.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
46fa1f76e8f2cfbebfe8c5aa8737520b896e1ea07f01e5e2277931d8bfac0304
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
UPgB_FcI1yRlMhFKc3AYcFLkxXm2zJfs
content-encoding
br
etag
"2e656ec0fdcac96e758b33589f255960"
x-amz-request-id
YQ2MJ9CGK7TMVC0X
access-control-max-age
86400
content-length
467
x-amz-id-2
oIvFbgX49GE+X76v2oZM5rHcFlPydcCF5v/7IrGqe6dH94mfx8dqlM2Qhf6eWDLwkP1sPpqAqP8=
last-modified
Mon, 23 May 2022 16:16:44 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=9927
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 13:51:53 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 88DD 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=95094
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 11:06:26 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Thu, 26 May 2022 13:31:20 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
3_OBOg8toQP_Omsk.m4s
video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/3000/490x270/ Frame 0B38 		49 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/3000/490x270/3_OBOg8toQP_Omsk.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f59f56f029391f1d09f1e62f99e526d0a1b6cdd209bd7b7f3b387d69e7a2aea
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
content-length
50672
x-served-by
cache-lhr7379-LHR, cache-hhn11523-HHN
all
csm.eu.criteo.net/ Frame DD13 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SbwPv6Y1igz4_OubGRdEyg3bzMVKN7WnC1KVGUgM2y-c7FIaYRf1FL7F7WF68p0J1GonNY10v2-REnle8sWhoSYg4YeWNTkgpWyd2UZEDknuLsSnFW9LEtZb7e5z8XhHD24ZcbYy3jtIOt2WkNqZ9OYhz5Krudk_wDVi49XChXYqC7WesaNar6fm0GUyhLePbnXOM-Y4TDGGoTuTxWcc1UlmgdVD2cg0ymA29yGp6a9JIxfar4Tjax7iOEi9dqaAn79YYw&sds=2&rev=81571&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NrwAFU_EK4A3YAAERBnWPTBKBO4iShtrr8A&u=%7CeQRQJ9ODJDFu7QdtXIaUL%2BOozSdvv432goXz28soIrE%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVifZenJ3QrSBzKw7tmRC-Cg__drXhknRcnQszB_GrdULK2H7GpGyQbUawbZQ1GJ3tbxGXyvlwW2GtldCvt_DDOdi_GuuKVX-PDbTcO1mKutZf7NfXIHHJ-gStdEPFig7Nmuu9wCF6pdqvebEuIVSIOOtUmAEqhF7MlYRyam7hV-VKNRTIyu1ZDfosde8R_F_00zPP0mHLVbWEMN5b2kRjPETnE8BMaRoAvlxI8M0NrIV8w1QnOzPIWKxYcsh8vxt3FTVx1Ocfh2H9GGCAMTkteg-gjbB71tja5fARIRQGUz6u8TTaC-QwuPsoSX-xJv-f8IbXWTYYJ18wa32GQ61Qu4yhI9pM-ZmIZYDF3ajeRcTx2J9vUiw7u_ncuU8QwkkhwmEyoI-pRXe_GFbYy_K9M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCic_orw2OYvGnFdibgAeGooTQB8me0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzQ3NzUzOTEyNzA4MDMwM6AB1bbS6gPIAQmpApwopOxR8LE-4AIAqAMBqgTIA0_QbSdYVo2_8pvZcf9P2xoy4sDEHlMiOL_lsv1dt37EQ5eihT_olBnV7GCx_cxYb3V93e2-MF5TBtI483zf8sLpOtOGXcYLrOHnOrpXCpfD75E2TfaFarY8pnjbqF6wy9oULwa1G78XbKLB4k7t-EeltOV7FNOtpYEqbt-JvnmfAIbWnC0jJQIxtksnoEwUwt7tswLGxZMPAgO9X1Iqkmqk_dIKW9Ivbk7YEIBqjTQGTVKVAo1277xGgO67APHmtFfgimSe-PiKDuvAL3EASF8i4mfJ-kGKHWVHV_kR_jy4-tLMSyvHK7Nz5dQ6vpyGxH23JV9yaedpt_DTx8hcPqopnynac-MfGM3RwOQGaNK9RHnTui_T-UAzQiz3P9gKlpN4J7xTR3lpji30rwPF92qtKc5tZWyt7yjPn650_38F_dzlhMJDF43F4-Y4aYZwY15JIS3fcZWpY3g8Bz3uutpnVI5IRX2x3aFUTBi3aZIMsfXQeeCmXZvd5bF6JOZfU8vaRMk5mlh2XeFHSG4wTUCxX9aCgULyQwGigTTc2hCSVqpW4fDhbHbtdNxzCm9dMHP_8ycqDknSCc914YN1fgMp8cu7cVjmfeAEAYAG7_W8tvqyvtOAAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2MkYblWea0Hdsg5mUFCZj6ZVWZGQ%26client%3Dca-pub-3477539127080303%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:26 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
tracking.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/tracking.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
a24222be11d1521cb0a1901a821cc7616256257939ec1eba3445a891e90a8a5f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
xrPlXNkmojzQMlu6dBeGfOyd31FJOClX
content-encoding
br
etag
"02429caecc1e7f75f44797fef1e5405a"
x-amz-request-id
HWHS724AK6490VMA
access-control-max-age
86400
content-length
467
x-amz-id-2
zWmEGfsQj91GqlFdeyPnW1tkrKyTySoi1//EuT+J7vCge87EyV7w8q/4zuhTGXBuGUd2i2uJLRE=
last-modified
Mon, 23 May 2022 15:41:46 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=8584
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 13:29:30 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 88DD 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86981959&p=158410&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5f996e2a45cd1f5ac1d96ccc8f21ad589a8b0bbb37750f457c40c26e5c8c4248

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:24 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
mutedstate.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		348 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/mutedstate.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
2bd95507dffd55a1bc592eea6df5067891d1de88d52afe69c95277b167eca7e0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
n02oLrfwxJQD4yoG.6SNTg02K.XiDIZP
content-encoding
br
etag
"36bb2610aa29da54191479aaadef15a3"
x-amz-request-id
NW5A2C1Z52QYEFWV
access-control-max-age
86400
content-length
215
x-amz-id-2
W9GWH6nERUVRCJrZJ7zdnEKmBpAQ5/ti174WkVBt2q8/0463r6P8/rilqA4J6tbDA1lA7Tnckoc=
last-modified
Mon, 23 May 2022 15:51:15 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=9533
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 13:45:19 GMT
l7rDG4v_dYNBnlMs.m3u8
video.twimg.com/ext_tw_video/1528837976045789185/pu/pl/654x360/ Frame 0B38 		2 KB
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/pl/654x360/l7rDG4v_dYNBnlMs.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ce412cda2cd796180236db560424758fb02c344578b61c6e4be95a11366a47f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
content-length
605
x-served-by
cache-lhr7378-LHR, cache-hhn11523-HHN
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
M_l08Ii3YIxdfYbM.mp4
video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/0/654x360/ Frame 0B38 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/0/654x360/M_l08Ii3YIxdfYbM.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5aadd5c7dd3cb6b86fa700fd7cd8d9360457741b1cea334fff4e331e49f2cfb6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
content-length
1131
x-served-by
cache-lhr7379-LHR, cache-hhn11523-HHN
strike.js
static.foxnews.com/static/orion/scripts/core/video/app/views/fox-news/embed/ Frame 579F 		515 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/views/fox-news/embed/strike.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
1b67d9c5c42d9a52085758447dde784ae495c885bb7ec9c7664e3c143f20e490
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
V9oyqdpHOJxqqqHU.pI7DCDEuCKAAsBY
content-encoding
br
etag
"2fa8359ead3d50b89c64736214aa7aa1"
x-amz-request-id
G6M0EK1KSN4MJT8K
access-control-max-age
86400
content-length
264
x-amz-id-2
uKowOoNniEThHmfhNFGi1u1JUEa90ss1z6cRpjy57oeHYL91Z9VAgCzMxVApDfRMyrphi2PXr/0=
last-modified
Mon, 23 May 2022 16:17:40 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=10171
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 13:55:57 GMT
7b265306-296f-477f-9b3c-bd5fa3a57fde
static.instiengage.com/article-images/9af198ff-22cf-4d4b-80d5-b58d0f23e539/2977507/ Frame B975 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/article-images/9af198ff-22cf-4d4b-80d5-b58d0f23e539/2977507/7b265306-296f-477f-9b3c-bd5fa3a57fde
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1302a3f8cf9623bca8226d053597fc10a10919409211f9959998a1828632cf53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
udth.kDYP1bZ.DIh9BEc3J4_IKFo71Zf
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:58:35 GMT
server
AmazonS3
age
111
etag
"7cd9acc904d82ffcc06f4ea66d48d41f"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Wed, 25 May 2022 11:04:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
76303
x-amz-cf-id
TzTCfO3QG7dCqul7fYU1_CVVi3HaD_3iQBKu8A5RCJE_HRns-jBMSQ==
e5e85032a3c51694d231f5f11240ed1f
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/bbc4acd4-7a5d-4a12-b5fa-1e62785c6146/ Frame B975 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/bbc4acd4-7a5d-4a12-b5fa-1e62785c6146/e5e85032a3c51694d231f5f11240ed1f
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13f7a0a2e608a1bba799dac829a71aa2be5a7a49ee45b7d3f5e9c8ca65ea99d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
gBSQgoOXbwytu5.67m524N5VvdhVmenL
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 09:28:12 GMT
server
AmazonS3
age
111
etag
"ee71a6b8f169cef0569ab6aba65cce57"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Wed, 25 May 2022 11:04:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
86556
x-amz-cf-id
H6wXn4EgL-AQev_IWFgCXO8aoA0uCVJYJmGnEgrHY972hJbx_gzzhQ==
1fd6e67099d39ed7baf820a728e3b7d6
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/013eee14-29cb-4fea-ad2f-d1b858d69182/ Frame B975 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/013eee14-29cb-4fea-ad2f-d1b858d69182/1fd6e67099d39ed7baf820a728e3b7d6
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b00d20815da2ed22c6e3a4b6e620c61dd7d021ea1e4b7ab4f1c8aa1eb0b45894

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
CzZbggNkPV.UrhW7d4_EZUUUJILABObR
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 09:45:42 GMT
server
AmazonS3
age
111
etag
"c694a13e1a84485706381741410277df"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Wed, 25 May 2022 11:04:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
50194
x-amz-cf-id
zaXPs8cheHlMUuhhtVboh8SJvdlvno9yZAeJGCrutADUSGEQu1OUFQ==
f9eda8c3e2a4b5ed4987cd45b06d2ab5
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/7eea769c-48de-4ac1-9015-7f0ca0600073/ Frame B975 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/7eea769c-48de-4ac1-9015-7f0ca0600073/f9eda8c3e2a4b5ed4987cd45b06d2ab5
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ceb50d8f86029f76e351eeee3967a64af4431a1138bccab062abe9e143c6829

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
lmw7V.dhnIjdDUizKY.mZnsGlp1KmWol
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 09:27:04 GMT
server
AmazonS3
age
111
etag
"ecabd05afbc20cc6a5ad0b1a68204256"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Wed, 25 May 2022 11:04:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
93080
x-amz-cf-id
DDyI1z85ALh--n-wtwlZI6W1YBktgjsYI4QOubCSWXThGMeeuV-9ag==
7cfabb9572c564c52e64e15f9ece3739
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ab66158f-df0a-4a8d-a85d-3cb6d933f539/ Frame B975 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ab66158f-df0a-4a8d-a85d-3cb6d933f539/7cfabb9572c564c52e64e15f9ece3739
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea0524eba5a389e45372aa903af8dc34d7a8f45081c422ca539b87f9e0c2d414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
wS6I2oB20FjY.o5KqccZNqXKZe87yDsU
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 09:30:46 GMT
server
AmazonS3
age
111
etag
"7750fb348ba3526f74831a72d456b087"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Wed, 25 May 2022 11:04:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
77113
x-amz-cf-id
NvD11HG4448YnEStHUMydwphYFt-EbALj1tIiH9_OooiM_pUtTqHaQ==
a178c62bc79d8cd98d214efa474052c8
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/25133301-4fc3-4b9f-ba03-54a6232bca92/ Frame B975 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/25133301-4fc3-4b9f-ba03-54a6232bca92/a178c62bc79d8cd98d214efa474052c8
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d3f3ec79819a57bd2a4f95fda2cd0dde2cd505eb76885af0ddfd8b9a521eef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ZlFfa.y69e._Ct_vESdpB04QLmVwGMbl
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 09:23:34 GMT
server
AmazonS3
age
111
etag
"53bb9512e8019678906145980300f2a8"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Wed, 25 May 2022 11:04:36 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
105869
x-amz-cf-id
n1UvE5RA2ZwhaBY8MkkgsGmkTRWkkFIs5a64YGU_LtQOjZSowgNtxA==
JziRv_rkSPxn97kU.m4s
video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/3000/654x360/ Frame 0B38 		118 KB
118 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/0/3000/654x360/JziRv_rkSPxn97kU.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b976ed02a71725553a822a0d1417066208622a8419d5877e464ea23b462a7b21
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
content-length
121169
x-served-by
cache-lhr7343-LHR, cache-hhn11523-HHN
isa.js
static.foxnews.com/static/orion/scripts/core/video/app/views/fox-news/embed/ Frame 579F 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/views/fox-news/embed/isa.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9bf63efa2d77c2328eac9cc2515a27ea20e4dc02be884bf7b3a6394246eee27e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
xXOaYPm6Ad8cvWY0vVlBzSpp5HMfuDCP
content-encoding
br
etag
"1451ba760a91f4c023559412f9f0daf1"
x-amz-request-id
K1Y32FNNCB33SPYB
access-control-max-age
86400
content-length
440
x-amz-id-2
etrZ0/L6yL8MHPC83tr9AyyiV+noZJR4D6j3YQKn06Kp/Qc1VfxLQzzKuEsYMozF0SwmyjYzFsQ=
last-modified
Mon, 23 May 2022 15:51:15 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=8550
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 13:28:56 GMT
match
c1.adform.net/serving/cookie/ Frame 2A12
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 25 May 2022 11:06:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 25 May 2022 11:06:26 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 55A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc78628e-0db1-4400-a175-f29090861e69&gdpr=0&gdpr_consent=
42 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc78628e-0db1-4400-a175-f29090861e69&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 25 May 2022 11:06:26 GMT
Expires
Wed, 25 May 2022 11:06:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4409 ba5503e master cdg-pixel-x12 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:dc78628e-0db1-4400-a175-f29090861e69&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 8067
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2288197559826090879
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2288197559826090879
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2288197559826090879
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 1AD9 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:25 GMT
expires
Wed, 25 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
303719
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 88DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PDuyILn7SjqIifQXfAUdLw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=136092
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 27 May 2022 00:54:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 88DD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc78628e-0db1-4400-a175-f29090861e69
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc78628e-0db1-4400-a175-f29090861e69
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 25 May 2022 11:06:26 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dc78628e-0db1-4400-a175-f29090861e69
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 25 May 2022 11:06:25 GMT
generic
match.adsrvr.org/track/cmf/ Frame 88DD
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 88DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0MzQkIyMjAtQjlGQi00QTNBLTg4ODktRjQxNzdDMDUxRDJG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 88DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKYPJAOT5ob3JGv2uBhX8k&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKYPJAOT5ob3JGv2uBhX8k&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKYPJAOT5ob3JGv2uBhX8k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 88DD 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 24 May 2022 11:06:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 88DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3101216839812627722
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3101216839812627722
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3101216839812627722
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 88DD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 88DD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2205566270350662059&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2205566270350662059&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:26 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f0b78e28-1320-44b0-9b86-cabab4025780
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2205566270350662059&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 88DD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y
42 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
NaYcnAtWO4UsRmJH.m4s
video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/3000/6000/654x360/ Frame 0B38 		158 KB
158 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/3000/6000/654x360/NaYcnAtWO4UsRmJH.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0e5fd01905cff04c4495f44712d6538c2ddeb43b72f3f907230164568a30ffd7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
content-length
161466
x-served-by
cache-lhr7364-LHR, cache-hhn11523-HHN
event.handler.js
static.foxnews.com/static/orion/scripts/core/video/app/views/fox-news/ Frame 579F 		861 B
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/views/fox-news/event.handler.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
d18855381c9003e6daeb03a74afca308861aa0f1000ae7c98b8b8cb622d57af5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Y.VQOiMJL1VRi10l_ZOGyegrcyUc4lUY
content-encoding
br
etag
"37b45edcfacfa9eb01a62fd24e55c4f7"
x-amz-request-id
X51N56CPARJYEDFA
access-control-max-age
86400
content-length
390
x-amz-id-2
Ha28KsX+9lwirLTi74lGNDoaBRQhHoEJQOauwmNJtUdeZH12ONQP17ugskTWtX9T2imJFu7OKWg=
last-modified
Mon, 23 May 2022 15:18:24 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84394
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:33:00 GMT
sv
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sv?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:25 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
detector.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 579F 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/detector.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8d81edaa4c014ac0ae8d5fccd1dca29e79da33e4bf9d1941c6ee892b0026a93
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ORqRBrjKoFMYEwtkPXG6k04aZ2C0_gQe
content-encoding
gzip
etag
"13ff8f86069731cb7a464b7ba8732360"
x-amz-request-id
BRVKT1N3KNS0GVMY
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
679
x-amz-id-2
yRedZWTUX0oG+Pp3emmvpcxvyBrzuMX8lDjW5s1BaJBfuiCS/D5/Lh/ncpga1oRkLc75c+RznHU=
last-modified
Mon, 23 May 2022 14:40:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:26 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=287
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:13 GMT
/
c.mgid.com/pv/ 		0
44 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=165347678665652922731&uniqId=0b977&lct=1652918400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&lu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=628e0db3-132ec&pageView=1&pvid=180fae581e0826fe15a&site=542039&implVersion=11&dpr=1
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
710dcd3cbdfd408d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
MJ67fD56CvyvLHH6.m4s
video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/6000/9000/654x360/ Frame 0B38 		142 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1528837976045789185/pu/vid/6000/9000/654x360/MJ67fD56CvyvLHH6.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.073bcb018ca9810d845a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.158 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cd16507a881df835e6c322aa8883c5ae1b1b2ebc10bde5a3c54c008c71abbdf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Mon, 23 May 2022 20:37:12 GMT
date
Wed, 25 May 2022 11:06:26 GMT
x-tw-cdn
FT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
accept-ranges
bytes
content-length
145114
x-served-by
cache-lhr7377-LHR, cache-hhn11523-HHN
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
br
cf-cache-status
HIT
age
3515
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
31SG1V0WFRNKXC6R
x-amz-id-2
2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
710dcd3cde40408d-CDG
expires
Thu, 26 May 2022 11:06:26 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
br
cf-cache-status
HIT
age
3515
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
31SYWNNYNESPJ6F1
x-amz-id-2
3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
x-amz-version-id
null
cf-ray
710dcd3cde43408d-CDG
expires
Thu, 26 May 2022 11:06:26 GMT
autoadvance.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/autoadvance.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
4446f3bf104d48208e1daf254a70245ab4c79ee90b9d471002166fe74c68e933
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
AeC87OX0j8b1kxEuLUHZaYA55v.C9PKa
content-encoding
br
etag
"a1b05ddc5b9fc12f6d02b5c81f2f668e"
x-amz-request-id
0E0ERM34MEAGGFB3
access-control-max-age
86400
content-length
943
x-amz-id-2
huRLYeuRGLiiQ+DVjdhrAZkhk2L5DqomPu6tdwB55vhclga0ZOB6DUnEmIqMSC5i7RaivQWV9f4=
last-modified
Mon, 23 May 2022 15:16:51 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=84888
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:41:14 GMT
ais.auth.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		804 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/ais.auth.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
b6307d61708368ef2e357eb4c12df2bd9e8063336fe4e38da0a3b47e0141764e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
EjeIhOdOx6bHE7qN9hjVQBPFxEEP4_e8
content-encoding
br
etag
"ac6e7b4b1c643060c2bd3289587e55bd"
x-amz-request-id
9XHK7B4S7W75MEFY
access-control-max-age
86400
content-length
410
x-amz-id-2
IQkeE1hVVb3DQltf/IQSwKU5jHnP6nlUdCe/3q/hEGZX1SxYM+kKn7YztGkd52LyRIfNrRtJRvI=
last-modified
Mon, 23 May 2022 15:14:22 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=83036
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:10:22 GMT
1
servicer.mgid.com/1280823/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1280823/1?pv=5&cbuster=1653476786739844599022&uniqId=0b977&lct=1652918400&niet=4g&nisd=false&jsv=es6&w=817&h=579&maxw_3=264&maxh_3=256&cols=3&ref=&cxurl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&lu=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&sessionId=628e0db3-132ec&pageView=1&pvid=180fae581e0826fe15a&implVersion=11&dpr=1
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57390a8a6e2c8a9651424f56260be94025551dc357b31a57c525a194aba327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
710dcd3d3ef6408d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-ssp-performance
c.mgid.com/ 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=125
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
710dcd3d6beb9259-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
widget-ssp-performance
c.mgid.com/ 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=58
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
710dcd3dcc8b9259-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
ampqueryparse.js
static.foxnews.com/static/orion/scripts/core/video/app/models/ Frame 579F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/app/models/ampqueryparse.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
71fc4aeb6cac3b9a2b29cbc283f9897dcb8d4690f8118e798e1df6d07338d6af
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
OehCwGkXydvv96VBU_XH9jXzuq_A_01S
content-encoding
br
etag
"836614adee1c373011dad3f5747983aa"
x-amz-request-id
BV08AG1PRQVF60H5
access-control-max-age
86400
content-length
838
x-amz-id-2
Khf/KVidO0A44Vk2ZPEL04d8WKcUho4mc/bo3gOUv99NM3PTXSE/Uw7I6qYD8q9nOxWmBngTHCw=
last-modified
Mon, 23 May 2022 17:00:40 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:26 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=12632
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 14:36:58 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2dpZixmbF9sb3NzeSxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0L2ZhMmM2N2RlZWZhZ...
s-img.mgid.com/g/12581136/492x277/-/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581136/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2dpZixmbF9sb3NzeSxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0L2ZhMmM2N2RlZWZhZjZkMTllZGM2NTFkZTU4OTliYmU0LmdpZg.gif?v=1653476786-IaWwgQDFUy-4oYzqsZFMxwzAdxHJnKcT0-SaLahhBT4
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1555c077f9ff6bd1ed77ca5d642dac9424091999f4ee1835133ce2a0f34631ff

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
HIT
x-mg-request-uuid
25609433-ad31-4545-97de-a6ead1869dd0
age
665114
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1563385
last-modified
Tue, 17 May 2022 18:21:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
710dcd3e1c1b698b-FRA
cf-bgj
imgq:100,h2pri
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3O...
s-img.mgid.com/g/11739867/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739867/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzA2MmU1MTIyMTkzYmQ3ODhkZGI1NDRmMjc4Zjk3MWQucG5n.webp?v=1653476786-OgZE9gcqZoKGzPUklRpyRKU6qG89GynerHty6PVzd2Q
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a750b7acd808f5d63e7904cb75ef2f2011a999a868cb7592145158563b6fd1c3

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
f77df83b-9f21-4cc3-8977-32c42d8931d7
age
1305574
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
710dcd3e1c1d698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11924
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd185NjAseF80NzcseV8yMDYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxO...
s-img.mgid.com/g/12581142/492x277/-/ 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581142/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ194eV9jZW50ZXIsd185NjAseF80NzcseV8yMDYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0L2FjYzQ1ZjJmZDVjMGU4MDlmNTY1NjkxOWVkOTg5NWM2LmdpZg.gif?v=1653476786-XjCZr1Ps-tWmvGULK17CublkaGulcTuiJeJQPJIuXKI
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1395b6de5c646b588c90c818be678f6722d18ade05957ed95f2595ed1f85ee67

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
HIT
x-mg-request-uuid
6dba8e4a-a4ff-4823-8e19-e19822c0423d
age
665432
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
315643
last-modified
Tue, 17 May 2022 18:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
710dcd3e1c1f698b-FRA
cf-bgj
imgq:100,h2pri
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2Z...
s-img.mgid.com/g/11739857/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739857/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNDFhYTAwNDliZTFiMTQ2ZThhZGM3MTU3OWQxOTI3OTMuanBlZw.webp?v=1653476786-sXxPpsCwsp_bSNsFhyK6JgVQVAd_IZbSAyICdqUXMic
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
115d8b9b-ef80-4309-84e0-b73be5309448
age
1305581
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
710dcd3e1c21698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33276
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvOWFkYmE2MTlmNGMxY2I5O...
s-img.mgid.com/g/12581074/492x277/-/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12581074/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvOWFkYmE2MTlmNGMxY2I5OGE4YzQxNmQyYThhZmY1NzUuanBlZw.webp?v=1653476786-K3rolJ5YpaSAp3jHqN_DXnBXJ7v86I_7K3sWJ3DWses
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72ceeea0850d2a69bbaa8cd5b8eb4e662e6769cfaf71b1bb99c82d2aef77062

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 09:38:21 GMT
x-mg-request-uuid
9eebd49c-4e0b-4779-b2ae-40387133ddb1
age
1305541
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
710dcd3e1c22698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39938
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlN...
s-img.mgid.com/g/11739870/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739870/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlNjQzMGUxMWJiNTA1MmIzMDkuanBn.webp?v=1653476786-AJ_r7H_XqNaaIArLPKsHUqVqG2E3gOSzB1h5DOll-CA
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
fc00655f-1143-46b0-a495-a634d24bda8d
age
1305559
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
710dcd3e1c23698b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17578
server
cloudflare
6306718389112
api.foxnews.com/v3/video-player/ Frame 579F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.foxnews.com/v3/video-player/6306718389112?callback=uid_6306718389112
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ac137d115cba22259aaad737fb6d729b60cff187619dcc4242ed6e5521cc9556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.foxnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
content-encoding
gzip
x-amzn-requestid
e3962612-cd3b-47c6-aade-965783ebfef3
last-modified
Tue, 24 May 2022 10:17:06 GMT
x-amz-cf-pop
IAD66-C1
etag
c59264b99b00751e5a2c910dfe58c6db
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amzn-trace-id
Root=1-628e0d22-33fe20dc070b4dbd3eca545d;Sampled=0
x-amz-apigw-id
Srb9YG52IAMF-lw=
content-length
1178
x-amz-cf-id
Zq8SBKXeB6hHyoftdhUSA2l0l8sDp3gAVGbkK23VFT5HwMAA0dcuDw==
i.js
cm.mgid.com/ 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1653476786905236079162
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
710dcd3e4914408d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 5152 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1653476786924747108116
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
710dcd3e696e408d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
369.json
id5-sync.com/g/v2/ 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
8910840dd5782d5f300f94678e29aaa54d2ab4dbc4376e0baa79ab1a7213cb48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 25 May 2022 11:06:26 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
694e0c7c-b595-44da-8fa0-f57e1eb18dd9
ex.ingage.tech/v1/sync/unruly/ Frame DEAE
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1653476787196
  • https://ex.ingage.tech/v1/syncPage/unruly?uid=OPTOUT
  • https://ex.ingage.tech/v1/sync/unruly/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=OPTOUT
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/unruly/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=OPTOUT
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
710dcd40fc0f01db-ZRH
date
Wed, 25 May 2022 11:06:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin

Redirect headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
710dcd402af201db-ZRH
content-length
0
date
Wed, 25 May 2022 11:06:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/v1/sync/unruly/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=OPTOUT
server
cloudflare
vary
Origin
async_usersync.html
acdn.adnxs.com/dmp/ Frame 548B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 25 May 2022 11:06:27 GMT
ETag
"623de86a-cf34"
Expires
Thu, 26 May 2022 11:06:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
2b9d395f79fd97a5
sync.e-planning.net/uspd/1/ Frame C607
Redirect Chain
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
dff02e9bdfe4118493203d95ae6b0bbaa9f21dae437073fa2ddd6222758f3a8e

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
expires
Wed, 25 May 2022 11:06:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-739

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 25 May 2022 11:06:27 GMT
location
/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-739
usersync.html
ad-cdn.technoratimedia.com/html/ Frame A531 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.15.0
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
d1a9c14c4578ecf85dcc7703f9b9336627e59f33e681b4da95fcaba7371dc5d1

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
674
cache-control
max-age=900
content-encoding
gzip
content-length
6380
content-md5
WrWRyc0OgiUyk+ZiT1AiBA==
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:27 GMT
etag
cb897a0a-9435-4ec2-8bb8-5e4ded258064
expires
Wed, 25 May 2022 11:21:27 GMT
last-modified
Thu, 19 May 2022 21:05:04 GMT
opc-request-id
iad-1:GMCZyJY-luXstO7u1sBGtVoEMd0eTG5HWYQhHDTYJOWCwQMV0s6q0tPPyrM2R_PB
server
ECAcc (frd/E2F8)
storage-tier
Standard
vary
Accept-Encoding
version-id
7594054d-a536-4284-a411-8b2dd74d20bf
x-api-id
native
x-cache
HIT
d459e3c6da768f28b23fc200eeedcdc1.gif
cookie.lmgssp.com/ Frame 6415 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cookie.lmgssp.com/d459e3c6da768f28b23fc200eeedcdc1.gif?gdpr=0&puid=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Flunamedia%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%5BUID%5D
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.165 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 25 May 2022 11:06:27 GMT
Server
nginx
rubicon
ex.ingage.tech/v1/syncPage/ Frame 5CC4 		951 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
710dcd3f29a001db-ZRH
content-encoding
gzip
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4652 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=136091
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 11:06:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 27 May 2022 00:54:38 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7025 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 May 2022 11:06:27 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1703 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=136091
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 11:06:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 27 May 2022 00:54:38 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 76E1 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1627
CF-Cache-Status
HIT
CF-RAY
710dcd3f6cfa691b-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 25 May 2022 11:06:27 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 25 May 2022 12:06:27 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
usermatch
ssum-sec.casalemedia.com/ Frame 8964
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ebfc869b9fe3c325607c7af860dead0b8f180c2c1aa61166190424d150ee9850

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1693
Content-Type
text/html
Date
Wed, 25 May 2022 11:06:27 GMT
Dropped-Udsids
230|39|241|45|195|105|5|26
Expires
Wed, 25 May 2022 11:06:27 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
344
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 25 May 2022 11:06:27 GMT
Expires
Wed, 25 May 2022 11:06:27 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
onetag-sys.com/usync/ Frame 22BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C694e0c7c-b595-44da-8fa0-f57e1eb18dd9&gdpr=0
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
beacon
ap.lijit.com/ 		0
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Access-Control-Allow-Methods
GET
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pd
u.openx.net/w/1.0/ Frame 4D2F 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/1a2bd40 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
server
OXGW/1a2bd40
vary
Accept, Accept-Encoding
via
1.1 google
/
ssc-cms.33across.com/ps/ Frame 4C75 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAsyo8U7Or6PeLaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
server
33XP003
x-33x-status
2000208
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_06d6c3b6-c572-4fc0-a148-0d1bd86279eb&gdpr=1&gdpr_consent=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_82bb0d0d-397b-419e-98f7-0369dd30b17b&gdpr=1&gdpr_consent=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_72b344cb-54b2-4ec4-b462-74d7e00e975e&gdpr=1&gdpr_consent=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_0aac24c9-004d-4982-98fd-97d63aa8d415&gdpr=1&gdpr_consent=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
usync.js
eus.rubiconproject.com/ Frame 7025 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85871
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 26 May 2022 10:57:38 GMT
vod.html
static.foxnews.com/static/orion/html/video/iframe/ Frame 014E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd0634b526e2755e69332ebf1530e92c0ede57784a3d771e1cc7425cab479e60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
https://video.foxnews.com/v/video-embed.html?video_id=6306718389112&loc=westernjournal.com&ref=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&_xcf=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=300
content-encoding
gzip
content-length
966
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
etag
"48780dbbc43d70e6ea7910bef5027f7a"
expires
Wed, 25 May 2022 11:11:27 GMT
last-modified
Mon, 23 May 2022 14:40:36 GMT
server
AmazonS3
strict-transport-security
max-age=15768000 ; preload
timing-allow-origin
*
vary
Accept-Encoding
x-amz-id-2
dUm79osjFCZJVKTo7ThOx5McJt3AiwQXBx1xi8ud+W2WR2tArzFYF0B2qY2gYZ7Cuc179atWsis=
x-amz-request-id
SD5FGCM31W8CG936
x-amz-version-id
RwV7KwHBjmK9x6AJYO9BpyV83NLaeyBK
pixelSync
pixel.sitescout.com/dmp/ Frame C607 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Db1c222e27fbeead5
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame C607 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Db1c222e27fbeead5%26uid%3D%24%7BUID%7D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:26 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ppv1kojnn56v6n2avbrkrdqdm05aj8tn
ptag
a.audrte.com/ Frame C607 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4ed40f0772bfe4113e2525eaceeac729a2402eadd619a1a29332d5850be57de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:27 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame C607 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 24 May 2027 11:06:26 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame C607
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Db1c222e27fbeead5
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
138.201.8.249 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date
Wed, 25 May 2022 11:06:27 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame C607
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Db1c222e27fbeead5%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b1c222e27fbeead5&uid=2205566270350662059
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b1c222e27fbeead5&uid=2205566270350662059
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a1fbcd3-be84-4205-bf73-68514e21db23
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=b1c222e27fbeead5&uid=2205566270350662059
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 548B 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a42ba130-5d62-4afa-8ec9-a129a25930ed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8320
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 May 2022 11:06:27 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 25 May 2022 11:06:27 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AA0C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db1c222e27fbeead5%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=136091
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 25 May 2022 11:06:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 27 May 2022 00:54:38 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 4217 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e1b3b23b467b904957d0a6345d3cb48082e65ed4d26a716bb1f3a91e2606596

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1735
Content-Type
text/html
Date
Wed, 25 May 2022 11:06:27 GMT
Dropped-Udsids
73|46|88|206|111|190|47|156
Expires
Wed, 25 May 2022 11:06:27 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F590 		1 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
49
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922262
x-cf1
29080:dB.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 5938 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame DB08 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b450786fda74bfcee3cfca92b6bfaf9729e9edaa544ba5227eee76a0a6cf504d

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sync.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
710dcd404f1101e7-ZRH
content-encoding
br
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 8964 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8964 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 8964
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HFBNDTCK5QWYJTHC6JGP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3KV3EZ8V9R78HXE26MA8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8964
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yo4Ns5yoAZWb3DBaVKB9pgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECpSyGWuUyHG4R9PVUCpLvI&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECpSyGWuUyHG4R9PVUCpLvI&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 May 2022 11:06:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECpSyGWuUyHG4R9PVUCpLvI&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8964
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-388ff068-6f50-4b07-b593-76ad57dd0602
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-388ff068-6f50-4b07-b593-76ad57dd0602
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 May 2022 11:06:27 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-388ff068-6f50-4b07-b593-76ad57dd0602
date
Wed, 25 May 2022 11:06:27 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8964
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 May 2022 11:06:27 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 25 May 2022 11:06:27 GMT
server
nginx/1.20.0
content-length
76
ix
ad4m.at/ad/sim/ Frame 8964 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 8964 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Yo4Ns5yoAZWb3DBaVKB9pgAA%261126
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14105
694e0c7c-b595-44da-8fa0-f57e1eb18dd9
ex.ingage.tech/v1/sync/ix/ Frame 8964 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
710dcd403b0d01db-ZRH
ag.core.js
static.foxnews.com/static/orion/scripts/core/ Frame 014E 		283 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1390dcd6713cd7195838917a3fc08f728ef0915a5a925c8b3bb2e29a99813eed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ezrKzCBmv.6v7W2imTxp7JfCtL2UxhH5
content-encoding
gzip
etag
"c2aa5e4781689b9da5f3d13907c9922b"
x-amz-request-id
Q2BF3K82GTTGF1YV
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
92503
x-amz-id-2
FbzVRrCoP8CG2cIruJOIr2hEtGHX2ila3xzqovu/5APTUI5LXUxLJz3TaxQlCkDC3QPhlfZ+VSM=
last-modified
Mon, 23 May 2022 14:40:04 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
core.js
static.foxnews.com/static/isa/ Frame 014E 		541 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/core.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
7837ff7ec4d79e3d73a28979862b0f5b277ffb55d97df3d7ce9549677143a0eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
h0NYzz_ZR6ytLSj2CjUj34grB3l4bECD
content-encoding
br
etag
"79325f6794f68003b646ed8f7e7f6261"
x-amz-request-id
NA2NDV4FFKSHJR5R
access-control-max-age
86400
content-length
278
x-amz-id-2
jHB0hWZxZP22hIASHFS4FDEoaWapxjuVswp8XsnwhG8CEvTBch64kH3BJnb74O/gHaIWrmLSNAk=
last-modified
Mon, 23 May 2022 14:47:56 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:27 GMT
isa.iframe.js
static.foxnews.com/static/orion/scripts/core/video/ Frame 014E 		148 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/isa.iframe.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
aed7bdfe3ab9dcc3c6083da7535d761af18e19f07582bb6f9d9258440fa056db
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
EDW1K5S3dBnFTBCnDsiqC0kOQ9OgqMM9
content-encoding
br
etag
"fac154b2cfaaefc533e3e3217364f90c"
x-amz-request-id
T5F4BCEE3DDHJNXG
access-control-max-age
86400
content-length
133
x-amz-id-2
GRIrviP45UOlExMEmgLlw6ZN/dwjipFe5lobFHNCnq7O6j7v9q8OCizYrINMHptbI4lX452OpRw=
last-modified
Mon, 23 May 2022 15:25:51 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=85206
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:46:33 GMT
loader.iframe.js
static.foxnews.com/static/orion/scripts/core/video/ Frame 014E 		472 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/loader.iframe.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
ab5e49c237e801fd943499dfd78dd7408287941020fba9b13cd23212ce908f85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
vXDNLwMpuqmklsHyHZSc9NFuyQrXCjcV
content-encoding
br
etag
"dfdadb449be76bdeef49f415e196d00e"
x-amz-request-id
DGHWB266812PAN9V
access-control-max-age
86400
content-length
275
x-amz-id-2
c3BIr4nkm5alms6ZHoxcSJdMpkjrqxc9fDcL+rV/KkdQBEqqp6BKv5m3WpwzVfBbGBwUII74DTI=
last-modified
Mon, 23 May 2022 14:49:17 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=82678
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Thu, 26 May 2022 10:04:25 GMT
usync.html
eus.rubiconproject.com/ Frame 5CC4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=694e0c7c-b595-44da-8fa0-f57e1eb18dd9&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 May 2022 11:06:27 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 25 May 2022 11:06:27 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 8320 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85871
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 26 May 2022 10:57:38 GMT
master.js
static.foxnews.com/static/orion/scripts/core/utils/modulr/ Frame 014E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/modulr/master.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dfbbaaec8c97d04a6d789832533eba4decdabc21dd2c99a2294229a15be9bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
HvBhLCH6aOvvTyzt14SLE2OwtWQTa1ri
content-encoding
gzip
etag
"9a3b0be59798e0d674673ab365965895"
x-amz-request-id
XS0JXF6G9E3N8NGM
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
934
x-amz-id-2
hlZrkrqheX1BQ4tdcY3WzmlY4waTqoIz6/lygOdnTlkgXyZUidjl6GQYsqD2hIYdV/WA8PxseA8ghbzcQo7gYQ==
last-modified
Mon, 23 May 2022 14:40:00 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=96
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:03 GMT
getuid
ib.adnxs.com/ Frame DB08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame DB08 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=b2c9a8de-287e-4ab0-b8ec-a9509daff152&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b2c9a8de-287e-4ab0-b8ec-a9509daff152&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd4188ca01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=b2c9a8de-287e-4ab0-b8ec-a9509daff152&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame DB08 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame DB08 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame DB08 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms
28
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1653476787.388129,VS0,VE28
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6979-MXP
u
dmp.v.fwmrm.net/ad/ Frame DB08 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DB08 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D72094b8e-cc65-4554-7702-c21a30964717%26reqId%3Dacd8d04e-9e55-4b37-627d-4fb45a70effd%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=4779416c-7bec-4958-9a86-4fba10c267eb&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4779416c-7bec-4958-9a86-4fba10c267eb&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd42aa6101e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=4779416c-7bec-4958-9a86-4fba10c267eb&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=72094b8e-cc65-4554-7702-c21a30964717&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=72094b8e-cc65-4554-7702-c21a30964717&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=21781525640432367874033364658726620190&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=21781525640432367874033364658726620190&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd42faec01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v031-0551b7b46.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Lthae57zSso=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=21781525640432367874033364658726620190&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame DB08 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=72094b8e-cc65-4554-7702-c21a30964717&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022052513-15519-0.773852001653476786-a7370635ceb5b7e33c0035623ef8fb65&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022052513-15519-0.773852001653476786-a7370635ceb5b7e33c0035623ef8fb65&zdid=533&env=mWeb
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd4178af01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022052513-15519-0.773852001653476786-a7370635ceb5b7e33c0035623ef8fb65&zdid=533&env=mWeb
Date
Wed, 25 May 2022 11:06:26 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7101628724870248595&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7101628724870248595&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd41688d01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7101628724870248595&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Date
Wed, 25 May 2022 11:06:27 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame DB08
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=72094b8e-cc65-4554-7702-c21a30964717
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=72094b8e-cc65-4554-7702-c21a30964717
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=72094b8e-cc65-4554-7702-c21a30964717
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=72094b8e-cc65-4554-7702-c21a30964717
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=72094b8e-cc65-4554-7702-c21a30964717&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=72094b8e-cc65-4554-7702-c21a30964717&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=depC414p1jkV6dEWA4unvO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=depC414p1jkV6dEWA4unvO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd429a5601e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
last-modified
Wed, 25 May 2022 11:06:27 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=depC414p1jkV6dEWA4unvO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame DB08 		36 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=72094b8e-cc65-4554-7702-c21a30964717&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
36
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=72094b8e-cc65-4554-7702-c21a30964717?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=72094b8e-cc65-4554-7702-c21a30964717?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd429a5701e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.25.117
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-4ztZsMhE2oqDspcqmFwBeWoAyqKbVf9BpQ--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-4ztZsMhE2oqDspcqmFwBeWoAyqKbVf9BpQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd426a0f01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 25 May 2022 11:06:27 GMT
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-4ztZsMhE2oqDspcqmFwBeWoAyqKbVf9BpQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqKewetex49sbljCKx4VuI7%2F%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqKewetex49sbljCKx4VuI7%2F%2BS41iYitP1U%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd4249d501e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vopkNd%2FXwqKewetex49sbljCKx4VuI7%2F%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame DB08 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.30.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-30-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1653476787
x-served-by
beacon-n004-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame DB08 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.8.249 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yo4NswAD8EypMQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yo4NswAD8EypMQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&_test=Yo4NswAD8EypMQAo
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd42fae501e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653476788.664735,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yo4NswAD8EypMQAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&_test=Yo4NswAD8EypMQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=dc78628e-0db1-4400-a175-f29090861e69&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=dc78628e-0db1-4400-a175-f29090861e69&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd430af501e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 25 May 2022 11:06:27 GMT
Server
MT3 4409 ba5503e master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=dc78628e-0db1-4400-a175-f29090861e69&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 25 May 2022 11:06:26 GMT
usermatch.gif
beacon.krxd.net/ Frame DB08
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
54.76.30.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-30-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1653476787
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
date
Wed, 25 May 2022 11:06:27 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame DB08
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-770...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-770...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&dcc=t
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.119.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W8T8T3KJ4GXZ3NXD1V63
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VDTCY2CEZTJZMVBEBWG5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=72094b8e-cc65-4554-7702-c21a30964717&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame DB08 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=72094b8e-cc65-4554-7702-c21a30964717&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:27 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame DB08
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D720...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
710dcd436b7401e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
date
Wed, 25 May 2022 11:06:27 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame DB08 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1c0f6df7c5e6fc42335430683a71e28f19c39edeaa60449bf5e0425c4ba963

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray
710dcd40dfe701e7-ZRH
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
geo.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 014E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/geo.js?cb=1653476787324
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2288265e601a8f975bbac243c8463fe639ef4fc7f1562147431f289550e899
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15768000 ; preload
content-encoding
gzip
etag
"8918d114d202696949d555c7175a715e"
x-foxnews-time
1653476787
x-amz-request-id
18BDKQT66F9BCCYB
x-foxnews-geo
countryCode=DE ; regionCode=HE ; dmaCode=false ; zipRange=false ; continent=EU
vary
Accept-Encoding
content-length
1146
x-amz-id-2
E8H2n5p7lg9jsG1DJojYnQa0ZGh4QoyB2dONMb2agjsc7H5/U5cESQ4Fq9eO0kOmF4cyD03Qbf8=
timing-allow-origin
*
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET, GET,POST
x-amz-version-id
hYOFt.evz5ScKQxkhjRWV_TosZ5swwKQ
access-control-allow-origin
*, *
access-control-expose-headers
x-foxnews-geo, x-foxnews-time
cache-control
max-age=59
access-control-allow-credentials
false
content-type
application/x-javascript
access-control-allow-headers
x-foxnews-geo, x-foxnews-time, *
expires
Wed, 25 May 2022 11:07:26 GMT
core-app.js
static.foxnews.com/static/isa/ Frame 014E 		218 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/core-app.js?v=v145
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9e61f672ed52a7160304b809cb2f04be4bcdb5f18039daaa1f48a8b224475bd4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
5jHUIeg4kysxzaRkUbDZPCEjP0_jScPE
content-encoding
br
etag
"9cb2dfce465d38d78e5dd11b91e645bd"
x-amz-request-id
2RW5D3W2BFCPY4JH
access-control-max-age
86400
content-length
61586
x-amz-id-2
keTxlQG7APa0pwqvmCIpkTp7rIFZT7BwC3ExcBFO7Jyf+cCg28ojunNiqGuMHcTy8Ddxf9Ae8Xo=
last-modified
Thu, 05 May 2022 19:49:28 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:27 GMT
usync.js
eus.rubiconproject.com/ Frame 5CC4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85871
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 26 May 2022 10:57:38 GMT
tap.php
pixel.rubiconproject.com/ Frame 7025
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gX6MhtjIw0P71B1mlN6H4Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3321768456275391090
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3321768456275391090
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Wed, 25 May 2022 11:06:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3321768456275391090
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 7025
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NuYx-_rUTYC8H_u5e7dqAQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NuYx-_rUTYC8H_u5e7dqAQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NuYx-_rUTYC8H_u5e7dqAQ
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
651PPH46SMN1WDKX4E10
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NuYx-_rUTYC8H_u5e7dqAQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7025
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3LHDUOW-V-HYX3
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3LHDUOW-V-HYX3
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6161F02A9E9E4DEB9584FE42BD398859 Ref B: VIEEDGE2120 Ref C: 2022-05-25T11:06:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXf1BCR25vG1bSNLc+Avw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3LHDUOW-V-HYX3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 7025 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 7025
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDxgcNRo0X0hoDSrSrVcRgg&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDxgcNRo0X0hoDSrSrVcRgg&google_cver=1
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDxgcNRo0X0hoDSrSrVcRgg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 7025
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3LHDUOW-V-HYX3&sigv=1&esig=2~623cef7a32bc6bde8f0816134c0ef89aed647afb
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3LHDUOW-V-HYX3&sigv=1&esig=2~623cef7a32bc6bde8f0816134c0ef89aed647afb
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L3LHDUOW-V-HYX3&sigv=1&esig=2~623cef7a32bc6bde8f0816134c0ef89aed647afb
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7025
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGQ5NGEwMjJhY2FjMjVjYTU1NGZhNTBkZmZiZTQ4MTE0ZDBkOWM5OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGQ5NGEwMjJhY2FjMjVjYTU1NGZhNTBkZmZiZTQ4MTE0ZDBkOWM5OA
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGQ5NGEwMjJhY2FjMjVjYTU1NGZhNTBkZmZiZTQ4MTE0ZDBkOWM5OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7025 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8320 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=L3LHDUOW-V-HYX3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 5CC4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=L3LHDUOW-V-HYX3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/gif
Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4217 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d804:38dc:9a29:ba55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 4217 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 4217
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Yo4NswAD8KmomQAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yo4NswAD8KmomQAo&gdpr=1&_test=Yo4NswAD8KmomQAo
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yo4NswAD8KmomQAo&gdpr=1&_test=Yo4NswAD8KmomQAo
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 May 2022 11:06:27 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1653476788.648516,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yo4NswAD8KmomQAo&gdpr=1&_test=Yo4NswAD8KmomQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4217 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yo4Ns5yoAZWb3DBaVKB9pgAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 4217 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:27 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
getuid
ib.adnxs.com/ Frame 4217 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 4217
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=H8wOknXp1NTOQp5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=H8wOknXp1NTOQp5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 May 2022 11:06:27 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:26 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0eac7293533ef1427@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=H8wOknXp1NTOQp5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 4217 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Wed, 25 May 2022 11:06:01 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
um
u-ams02.e-planning.net/ Frame 4217 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=b1c222e27fbeead5&uid=Yo4Ns5yoAZWb3DBaVKB9pgAA%261126
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
server
openresty
content-type
image/gif
ads.js
static.foxnews.com/static/v/all/js/ Frame 014E
Redirect Chain
  • https://global.fncstatic.com/static/v/all/js/ads.js
  • https://static.foxnews.com/static/v/all/js/ads.js
64 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/v/all/js/ads.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
Protocol
H2
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
88fdbde568bd019ff9178056845f4d01cea311a8a33270a10cadb00a786bc8ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
zF7iLJd9_XVql8toPNOQ0.BoFxcDluqD
content-encoding
br
etag
"8753bd8ed5e4a97637eb9d6dfe77b925"
x-amz-request-id
HWHRE5CZ4K15YJNA
access-control-max-age
86400
content-length
68
x-amz-id-2
hccwEob0Ju1nFuuTZKVh8ZPg674z5h+qfxEc6FiyDXCBFIT1/TPVa8PvoEY9N1LFxki38r2Puek=
last-modified
Tue, 03 May 2022 22:22:51 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=559428
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Tue, 31 May 2022 22:30:15 GMT

Redirect headers

date
Wed, 25 May 2022 11:06:27 GMT
server
AkamaiGHost
strict-transport-security
max-age=15768000 ; preload
location
https://static.foxnews.com/static/v/all/js/ads.js
cache-control
must-revalidate, max-age=300
server-timing
cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin
*
content-length
0
expires
Wed, 25 May 2022 11:11:27 GMT
cache.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 014E 		229 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/cache.js?cb=202252511630
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54c284f86836501aa243b5bd578df6ca8f05bc65fae0210f249189989adef22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Jw6KdIK0BMYZt.VhkOiPfG__MnuSh0az
content-encoding
gzip
etag
"c39602c17fda3dbafb7e9762b2e5e4f8"
x-amz-request-id
18BDP5GKJ3G669QZ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
186
x-amz-id-2
4acmaaZZeRL1ZrVWmEakue3cgeHP5LcKcplbbH0wCbZ1pDkd2C/lMBnlAIH71uYGS/VnAjncruY=
last-modified
Mon, 23 May 2022 14:39:59 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=133
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:40 GMT
cmp
spl.zeotap.com/ Frame DB08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
710dcd42097601e7-ZRH
date
Wed, 25 May 2022 11:06:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
ag.app.js
static.foxnews.com/static/orion/scripts/core/components/ Frame 014E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/components/ag.app.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74b3510b4315f2f3218db3084cd5896dc3adbf1fa4d0db4e5a6bb6705e2743f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
_jxtc1UdqpJpggyqAGPBXlz2NAJUYWyi
content-encoding
gzip
etag
"f56e092ab76eb96a929b28dd25165302"
x-amz-request-id
KF736678NEP0D717
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
9240
x-amz-id-2
MJNCztyBRE5iVgv9HfABkIgGVSXGXYE9TKMnTavDnljR6qKlg9lGfefKBObu9+O7h+trNInhuY4=
last-modified
Mon, 23 May 2022 14:40:04 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=129
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:36 GMT
ag.app.js
static.foxnews.com/static/orion/scripts/core/video/ Frame 014E 		84 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/video/ag.app.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
dbb4d195a3d11fd3d83c816a7bc07a3a81700c5b3aabc72e18a1193e8e8e2473
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
6EQ9WDHM.kpvZgQ_slI2wJ7vljKNBDJZ
content-encoding
br
etag
"912c30c3d77c59f708ccdaae5263025d"
x-amz-request-id
WXT2QJTAKQ6M45JJ
access-control-max-age
86400
content-length
20278
x-amz-id-2
bTMotjDPUWdjQGf95ZmkxmBl7is0jbREPFsQB4u68RbMMQTiQu5sHv9vUK9WROink9i1TVxmn40=
last-modified
Mon, 23 May 2022 19:06:21 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=20634
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 16:50:21 GMT
ag.app.js
static.foxnews.com/static/orion/scripts/core/templates/ Frame 014E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/templates/ag.app.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daeb7eb5e28b2e9fa737f3b056309aadb697d3643bc45dfacce761ec79a5212e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
x7bj9AGBznA.xGPzrh6hQEZLZf0karqE
content-encoding
gzip
etag
"5e5b3c2744e928d1ed49301bbfad8045"
x-amz-request-id
XS0T5HVWXGV44DG7
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
1682
x-amz-id-2
BE8dWodJ9LUx5FeUOUXc4j8kFckxXj9y0OSmP663LtYt+DN0lSLb6FUjgjCwSFaQBTE8Q0O8s1A=
last-modified
Mon, 23 May 2022 14:40:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=185
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:09:32 GMT
environment.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 014E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/environment.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c2ab324a7ae790a41f540126678d783806829f0107c58c11ce5ab74a8a58eff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
9vPcjkrK05vMwiO_FbA2nWB_ZsjehgH1
content-encoding
gzip
etag
"2f5d6819c4d4e8256be503816a08192b"
x-amz-request-id
E5VRHSDD82HJQEPD
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
884
x-amz-id-2
YbaXy/ONovmdY0a/kMOKdrkWhViHsRgsHtAPFoh4e5QAQNP5A7LSZ157DCtWUvXkEu5vWVMVXjo=
last-modified
Mon, 23 May 2022 14:40:06 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=145
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:08:52 GMT
modernizr.js
static.foxnews.com/static/orion/scripts/core/utils/ Frame 014E 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/modernizr.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d170c118836677fb2af57bb0bbf7f3ed11de3258b6586b9a3b695943ea1c2ef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
AFO7AxgwhKI3_j0bd2ITViWREyB7ydqh
content-encoding
gzip
etag
"59263597447bd2b3f22cea851e78672d"
x-amz-request-id
XKEW6SPRTX0PZPQ0
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
2780
x-amz-id-2
lHy7ORB6Rm13ZFlTFWb7WfEWDoHbjr9klmg+dMxtiy5TFgjvmpGrBtl+NF87/CXCWKWnlrgNzRA=
last-modified
Mon, 23 May 2022 14:40:00 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=280
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:07 GMT
cookie.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 014E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/cookie.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2e8c7ffd18fee1a209683f34a9c118ae8689ae2f36c0da3c99376637d605a14
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
b3e.G0_vfBqi82Xy4fwV8f7.Y_L5EviS
content-encoding
gzip
etag
"62e9578e17f609ace39d3e458a2032f3"
x-amz-request-id
XKERVZ53C0VZV2ZJ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
746
x-amz-id-2
nImNVDsfRqnuNRauDBhCltT05P0kM8TNSFBp/Q2cEnAmx18K0tUw5SFlNsiArj3C1izaHZTAhps=
last-modified
Mon, 23 May 2022 14:40:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=294
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:21 GMT
akamai.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 014E 		156 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/akamai.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
287d6c6ff4477ced7bd93cd1daf4cbd0dd741c0d1da858d0b7c9f074259f5570
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
XfqpnB09WqDRu.xNVBMsoYCTQrEOu0KE
content-encoding
gzip
etag
"5d70f922eb6dee6d2e17bd747d1726e3"
x-amz-request-id
XKEG7V07V80AT3MQ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
148
x-amz-id-2
S76AaWv5BC+8BsiBXcNfOXGkVA73mc66gyMvWVAPGPcAaWbRck0u50MoN/1qZDPGDViihCB+33k=
last-modified
Mon, 23 May 2022 14:40:06 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:27 GMT
localStorage.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 014E 		1 KB
994 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/localStorage.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6080df858f81b0a3c906ebc8097088f92bd4d5b67b7da878b1d6a33b0fe4a397
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
sovlviHlhf7W2QdUp49EfNQYcW1VgpuC
content-encoding
gzip
etag
"fcb9b549852534fef53db13b525982c9"
x-amz-request-id
XKEKHQHCJRH1AQTJ
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
473
x-amz-id-2
DA3bFcKMg0OQCv0b5fI+wVDPpffepagamGur1uJcQaGV23qnGxdtUcA6NI6a8jkxz5cNtq17F3U=
last-modified
Mon, 23 May 2022 14:40:06 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=239
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:10:26 GMT
detector.js
static.foxnews.com/static/orion/scripts/core/base/app/utils/ Frame 014E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/orion/scripts/core/base/app/utils/detector.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8d81edaa4c014ac0ae8d5fccd1dca29e79da33e4bf9d1941c6ee892b0026a93
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ORqRBrjKoFMYEwtkPXG6k04aZ2C0_gQe
content-encoding
gzip
etag
"13ff8f86069731cb7a464b7ba8732360"
x-amz-request-id
BRVKT1N3KNS0GVMY
strict-transport-security
max-age=15768000 ; preload
vary
Accept-Encoding
content-length
679
x-amz-id-2
yRedZWTUX0oG+Pp3emmvpcxvyBrzuMX8lDjW5s1BaJBfuiCS/D5/Lh/ncpga1oRkLc75c+RznHU=
last-modified
Mon, 23 May 2022 14:40:05 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:27 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=287
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:11:14 GMT
core.js
static.foxnews.com/static/leap/ Frame 014E 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/core.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/isa/core-app.js?v=v145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
2fdb53df4e402567f5003ae3b5f30885f26c1702849e6f813f531de975dc0180
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
5t81yAbLyTjf6Eauw7hemr08NroCBQMT
content-encoding
br
etag
"a1326af5422a25227eaecbf6562aef5a"
x-amz-request-id
N2TF61RN799D0DD5
access-control-max-age
86400
content-length
18797
x-amz-id-2
hCIZt00sXsAVcakqOSkOdMEjb8SP8ZWt27VKVYOFfXvVZxXYP5vWHhB57y8/Z4yfhN7WyNavUjc=
last-modified
Mon, 09 May 2022 16:19:53 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=277893
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 16:18:00 GMT
ld.js
static.foxnews.com/static/leap/ext/shims/ Frame 014E 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/ext/shims/ld.js?v=202205091536
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
9005d9e2fc2b5a7516b6756d055972ffc7134d17084d99457b9590567c4fc330
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
Z0adwkKo0o25y0Oa2iWabzLm7IEuXMUb
content-encoding
br
etag
"3b53b698f71764584f8f30168ee3fc41"
x-amz-request-id
Z3EPQ9RZB4NB66A5
access-control-max-age
86400
content-length
16259
x-amz-id-2
n6EwdqjWDe4Ibgi9mbOIRMIF1Il71JzFL61HBcyITf7jAFJ3czCqTpBr2m1QVPqasUMXRYu2vU0=
last-modified
Mon, 09 May 2022 16:46:02 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=279607
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 16:46:34 GMT
jq.js
static.foxnews.com/static/leap/ext/shims/ Frame 014E 		128 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/ext/shims/jq.js?v=202205091536
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
4b2afecf587c031ea8cef56f84458c7674a3611df6cb7de095757054afe7bc69
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ZeWgz5B1VT0e.OjU.niUoU6XrTlSIpQB
content-encoding
br
etag
"8146a76f73263e1b4028f09c9b5c78da"
x-amz-request-id
4EKKVNERCY9W3KJP
access-control-max-age
86400
content-length
34025
x-amz-id-2
o1kye9ZJDp9mArFjssdr485lavtF25t0fAQsgCHcs2CLy8Kd8CX+HiXvszG58s/fKKLOy/cu3M0=
last-modified
Mon, 09 May 2022 21:24:42 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=303511
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 23:24:58 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/4I2fAtE5IxTlczNT3F91OckHtI5wfR7g/ Frame 014E 		369 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/4I2fAtE5IxTlczNT3F91OckHtI5wfR7g/analytics.min.js
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-41.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b12a065888b59148f1fc166020aa2f689d4ce6f1764c9cb917d7c5fc1170d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
QCpO.tqccVwhro4hrXa0dlDIi6z6rdt_
content-encoding
br
etag
W/"a8b5048c4132b532cf236d332a421d73"
age
10
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 10 May 2022 22:19:20 GMT
server
AmazonS3
date
Wed, 25 May 2022 11:06:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1ztjPKmolPbuixN9E3QRKhQ9-O6nsk6HljTa7-0YLaVUI0LG7yvwWw==
VisitorAPI.js
static.foxnews.com/static/isa/app/lib/ Frame 014E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/app/lib/VisitorAPI.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
31b8841f45f209e9353685457600eec05a1657e89641cd8e9d9e483a357ff26c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
_elf7sjXAro53.VPjRxjPx9Vy6qv01_i
content-encoding
br
etag
"e02617aa3838429966fbc55082ee788a"
x-amz-request-id
E8NW5VBKDN025GCQ
access-control-max-age
86400
content-length
8322
x-amz-id-2
De7PxX7CMjf6hM2WS2LF71BLsw6tsz2ZPlJe5FWlUuUJO4Mo/7XZaTz1qP0isAMQbZq2W3R9+Go=
last-modified
Mon, 23 May 2022 14:41:34 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:27 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame C607 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-4.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 24 May 2022 19:11:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
57316
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9ocnlK__gq_o9svv8DMs-tJcd2P_a0pzF3fs11kHR4eOsG0Ir_CasA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9847 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 25 May 2022 11:06:27 GMT
etag
W/"601b131c-27c"
expires
Mon, 24 May 2027 11:06:27 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
694e0c7c-b595-44da-8fa0-f57e1eb18dd9
ex.ingage.tech/v1/sync/eplanning/ Frame A603 		25 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/eplanning/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=AIHh5Z%2fGncjhZ2fP
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c85f03ee7ffd8a409d628d4b368b63454b8f70fd43c2747f88f41df5dbc23f3

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
710dcd437f8501db-ZRH
content-length
25
content-type
application/json; charset=utf-8
date
Wed, 25 May 2022 11:06:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
omtr_code.js
static.foxnews.com/static/isa/app/lib/ Frame 014E 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/app/lib/omtr_code.js?v=20220523141519
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
51231af79e3740fe49b116d4cef74cdfe64aa23911dbe2c35d8f63f7f73e0be6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
pghHXC3nr8vYSrnT2hgiOav861C.XGDV
content-encoding
br
etag
"36347f0628c09d466fcd3f98d81be54f"
x-amz-request-id
5M9V06CWK7EDFQ20
access-control-max-age
86400
content-length
22585
x-amz-id-2
N1BNL3leB17V01eruG5OTR5GzTPgvypEm/Dp2CjogLAUVtzLnakrSLGlBKaTpHVqQacXTBKuuUA=
last-modified
Mon, 23 May 2022 14:59:01 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:27 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:27 GMT
gtm.js
www.googletagmanager.com/ Frame 014E 		155 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX4GF4X&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/4I2fAtE5IxTlczNT3F91OckHtI5wfR7g/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
700f4e0b9d4149294206ee21a6f78597fc83b0f56988d4d10c85a8976f7fae71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46073
x-xss-protection
0
last-modified
Wed, 25 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 11:06:27 GMT
amp.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/ Frame 014E 		569 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/video/ag.app.js?v=20220523141519
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
955d52cc72ac23b29b663e4715261280ad75e64febb8b61dada05e08232de2a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:27 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"a7f7317afe4f9ff66bdbbf33e2ecdfff:1623697588.559122"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1117813
expires
Tue, 07 Jun 2022 09:36:40 GMT
GS.d
js.cookieless-data.com/ Frame 9847 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1653476787805
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 Suresnes, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:27 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
ptrack
a.audrte.com/ Frame C607 		368 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=193.27.14.27&p=M1353665098&artime=2022-05-25T11:06:27.978Z&arlocation=c3luYy5lLXBsYW5uaW5nLm5ldC91c3BkLzEvMmI5ZDM5NWY3OWZkOTdhNT9jdD0xJnJ1aWRtPTEmZHU9aHR0cHMlM0ElMkYlMkZleC5pbmdhZ2UudGVjaCUyRnYxJTJGc3luYyUyRmVwbGFubmluZyUyRjY5NGUwYzdjLWI1OTUtNDRkYS04ZmEwLWY1N2UxZWIxOGRkOSUzRnVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=d3d3Lndlc3Rlcm5qb3VybmFsLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d7a1e8910018f300119e7c590eb46936de73d05ad3dfa1d5e0d070057615fa03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://sync.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea5099c19ead4628998b9dc17fd3372e72df560835673967a2f6a6ed70f987ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 25 May 2022 11:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10654
x-xss-protection
0
6306718389112
api.foxnews.com/v3/video-player/ Frame 014E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.foxnews.com/v3/video-player/6306718389112?callback=uid_6306718389112
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/orion/scripts/core/ag.core.js?v=20220523141519
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ac137d115cba22259aaad737fb6d729b60cff187619dcc4242ed6e5521cc9556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
x-amzn-requestid
e3962612-cd3b-47c6-aade-965783ebfef3
last-modified
Tue, 24 May 2022 10:17:06 GMT
x-amz-cf-pop
IAD66-C1
etag
c59264b99b00751e5a2c910dfe58c6db
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amzn-trace-id
Root=1-628e0d22-33fe20dc070b4dbd3eca545d;Sampled=0
x-amz-apigw-id
Srb9YG52IAMF-lw=
content-length
1178
x-amz-cf-id
Zq8SBKXeB6hHyoftdhUSA2l0l8sDp3gAVGbkK23VFT5HwMAA0dcuDw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 May 2022 11:06:29 GMT
v2lbmvY70WqzFMOCkWgyhuX5KbBtjYDYkS_QmbnV5L8xxvWg88TIPBzyf6kVcKbHR7VDR-Fxz
partplanes.com/ 		191 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2lbmvY70WqzFMOCkWgyhuX5KbBtjYDYkS_QmbnV5L8xxvWg88TIPBzyf6kVcKbHR7VDR-Fxz
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
3e2e45442533683ca47cac19e522a7f9b95effc7a6251c0a6b1231d8b7c2a854
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Wed, 25 May 2022 11:06:28 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
541459873
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
191
expires
Wed, 25 May 2022 11:06:27 GMT
amp.foxnews.central.json
foxnewsplayer-a.akamaihd.net/player/9.0.23/configuration/ Frame 014E 		41 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/configuration/amp.foxnews.central.json?sec=1&cb=202252563&site=fn&param=notitle&eu=1
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
30d051b67fd0a433d2d5514fc80699da04d78f61bf29728716d7c5ef52dcaf0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a17162a93562ce97685187dc2bbda26f:1651597473.436456"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1138672
content-length
7540
expires
Tue, 07 Jun 2022 15:24:20 GMT
v2rct66BWD7y_CmDgnxXTguxW6sGHkH0KyPspz2e2wf0fqo7SVCVtUvIt1q8-EpIuff_rwa34
partplanes.com/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2rct66BWD7y_CmDgnxXTguxW6sGHkH0KyPspz2e2wf0fqo7SVCVtUvIt1q8-EpIuff_rwa34
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
1e1dce61ef40c2919dfa51bef5f7593ef0ae8c2f80fd15408cd107952b25b567
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
date
Wed, 25 May 2022 11:06:28 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-3rjd
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
541459873
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
1113
p
a.audrte.com/ Frame C607
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=&google_gid=CAESECoB5mC7zddsCD7Lcvj7sZQ&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 25 May 2022 11:06:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame C607 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:28 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/ Frame C607
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=712156065992100998
  • https://ps.eyeota.net/match?bid=kh51m51&uid=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:28 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Wed, 25 May 2022 11:06:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=918x1QRC8svT0Wbc1M25YNUgQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
amp.css
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/ Frame 014E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.css
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
532ff8614e981dcd81b21a9efb5347629e81c290f4d4e2cd0da93b0763b4e549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"623eb59329dbb013cabfbc548134f3e5:1623690038.016062"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1199266
content-length
1251
expires
Wed, 08 Jun 2022 08:14:14 GMT
amp.foxnews.small.css
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/ Frame 014E 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.small.css
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7e312900eab0a2e3a2208834b586ba29e4ba07661940b8321ada34659b817b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"6d9cc9e6e7a4ba21c869263eac519426:1615323264.701759"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1199266
content-length
668
expires
Wed, 08 Jun 2022 08:14:14 GMT
prebid.4.41.0.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/js/ Frame 014E 		268 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/js/prebid.4.41.0.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
ba12455f8177931c03a52e0465a8564357da7efe6fa96c263b11aabc5c16f0ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"07948294ae19a30df14c407d41cc5c7f:1628607639.78233"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1199266
expires
Wed, 08 Jun 2022 08:14:14 GMT
Prebid.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/prebid/ Frame 014E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/prebid/Prebid.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2db88419ac5d17f3c4fe02a3c6d5521f2552bd1edb9b3775433e4d3b81cc96b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"e44a28f39cbd65b51edc6a14c3d58c36:1615323313.822627"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1199266
content-length
1674
expires
Wed, 08 Jun 2022 08:14:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 014E 		134 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:55:15 GMT
content-encoding
gzip
etag
W/"cc07895b7b7c30a55c948b849ccd5e56"
last-modified
Tue, 24 May 2022 19:53:02 GMT
server
AmazonS3
age
673
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront), 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C1, FRA50-C1
x-amz-cf-id
FXoonCvHdjvtFjn0yLmkIkt1oTwTsxmcg_U8WFTaMJbRaYcpTqx2Kw==
Amazonbidder.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/amazonbidder/ Frame 014E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/amazonbidder/Amazonbidder.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
862d3ac7791eec8afcc2bdefc56b64a398d993475a30778ad649113c6abe92f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"d3a724420cb53683db74a9db929a8062:1615323351.149583"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1200577
content-length
1126
expires
Wed, 08 Jun 2022 08:36:05 GMT
wtat.plugin-amp_ima.min.js
cdn.watchingthat.net/ Frame 014E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.watchingthat.net/wtat.plugin-amp_ima.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f34705442a3c560a451fbb5aa9ed4e837566951dc8ed8a028e6cfa35d0a8367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:08:24 GMT
server
AmazonS3
x-amz-request-id
655F0VNZFCKWW9N5
etag
"b76ad9647523c8f41c8cbc039024a97e"
x-hw
1653476788.cds320.lo4.hn,1653476788.cds313.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1354
content-length
6083
accept-ranges
bytes
x-amz-version-id
giyxCsIcd1q6eRkraErhh8Fa1eghi38l
x-amz-id-2
YAihOCiVTsZkbaB/jj2MvJW3ZkIs8cO40iyF/o0LbpjTQBYSLDozTnvzuQ+BsSapjPlVq3ci1kU=
hls.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core//libs/ Frame 014E 		226 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core//libs/hls.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4ba1bcaf0a4027f973e0643a588c4be129efa41cf3ba75e3ee3ed5f151d7fd76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"647cae27fd1b81566b16f0e45ce69672:1623690045.513633"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1122906
expires
Tue, 07 Jun 2022 11:01:34 GMT
react.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/libs/ Frame 014E 		131 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/libs/react.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
bb58c6d3a02dd8042a7329d9b97909db57995538bd695d84694633e027fd1ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"22941c9b2f549136281817c757c94501:1615323420.866624"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1122906
expires
Tue, 07 Jun 2022 11:01:34 GMT
Errormanagement.js
foxnewsplayer-a.akamaihd.net/player/9.0.23//akamai/amp/errormanagement/ Frame 014E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23//akamai/amp/errormanagement/Errormanagement.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
ff83ca68a7d845ff5f72d9cd34f6249666520c52a847cdc6dfe766f1e93d2a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"9cf217301c281931a3e156579805e4e8:1615323336.638136"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1199267
content-length
2814
expires
Wed, 08 Jun 2022 08:14:15 GMT
MediaSDK.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp//omniture/libs/ Frame 014E 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp//omniture/libs/MediaSDK.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
12c71ec7bc2266e6e5ec17e49630fc4d640653d5434f9d0ff5f15db1709dbf23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"2f8e70cf287bc2126488e09c98fdb1bc:1615323381.88052"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1137710
content-length
35262
expires
Tue, 07 Jun 2022 15:08:18 GMT
Foxnewsmediator.20212410.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/foxnewsmediator/ Frame 014E 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/foxnewsmediator/Foxnewsmediator.20212410.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4b9ee22202c3e2f652fa65794bed73503d2534168e813e0c54a88d293f10c94e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"73d63e5cd3936be8a512a85dda7871af:1635090869.36892"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1199269
content-length
5741
expires
Wed, 08 Jun 2022 08:14:17 GMT
Mrss.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/mrss/ Frame 014E 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/mrss/Mrss.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
22746e68f45d764aaa3b9ed615c74a18de62f6a809725c9755010dddb56df931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"1bf35e78c6b132b64ae7af0c92c47b5a:1615323369.322329"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1140271
content-length
2278
expires
Tue, 07 Jun 2022 15:50:59 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 014E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
25964
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Wed, 25 May 2022 03:53:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2PGkWHCiiSe9kpZ72qRS83SoM-DViJKdBkA9i9zKe7ZFXPaNcTrCjg==
Errormanagement.css
foxnewsplayer-a.akamaihd.net/player/9.0.23//akamai/amp/errormanagement/ Frame 014E 		3 KB
786 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23//akamai/amp/errormanagement/Errormanagement.css
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
69dfa672cb84dab2345cb446072d31d4658de2427393bd3e2cb79410f6c71dd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"7ff605c34fbe21de645748bc1c473f73:1615323336.662891"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1199276
content-length
554
expires
Wed, 08 Jun 2022 08:14:24 GMT
VisitorAPI.orig.js
static.foxnews.com/static/isa/app/lib/ Frame 014E
Redirect Chain
  • https://global.fncstatic.com/static/isa/app/lib/VisitorAPI.orig.js
  • https://static.foxnews.com/static/isa/app/lib/VisitorAPI.orig.js
25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/isa/app/lib/VisitorAPI.orig.js
Protocol
H2
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
8ed1be6f37ce9e10052136a3a8836f24158c0463aee6f751b39e67d22a89e630
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
pNcPspWOm7cQOzVS4yazmR54iBcse_Nn
content-encoding
br
etag
"636f60b7b9ff747bfbac94433c5321d0"
x-amz-request-id
TR3NKVFMHH3B12MM
access-control-max-age
86400
content-length
8679
x-amz-id-2
IyKFwEKVzNxRI7Q1WXpo3CXN1604RQdpCHEIG7pGja8CpEJkbhCrWEznztabgXlTI3SOCfHqhn4=
last-modified
Tue, 26 Apr 2022 22:00:46 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:28 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Wed, 25 May 2022 11:16:28 GMT

Redirect headers

date
Wed, 25 May 2022 11:06:28 GMT
server
AkamaiGHost
strict-transport-security
max-age=15768000 ; preload
location
https://static.foxnews.com/static/isa/app/lib/VisitorAPI.orig.js
cache-control
must-revalidate, max-age=300
server-timing
cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin
*
content-length
0
expires
Wed, 25 May 2022 11:11:28 GMT
React.min.css
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/ Frame 014E 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/React.min.css
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b57305f6f6e2b211af6c4d6a073d3f2eddb50805b33f9a0c3323a36bff0c69d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"33e6e7f9cd9251a3df95f6ceeda5ef70:1615323361.114711"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1200601
content-length
5168
expires
Wed, 08 Jun 2022 08:36:29 GMT
React.min.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/ Frame 014E 		98 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/React.min.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c05140f2f6ec553e0ae382190131b3d650eef7afc4f0e8839d710d15a431d57f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"a807d44cac2188dfc9db1265201fc1c9:1615323359.105171"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1200601
content-length
17963
expires
Wed, 08 Jun 2022 08:36:29 GMT
async_usersync
ib.adnxs.com/ Frame 548B 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:28 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
619ba82f-fc7a-4c9e-85ed-4c3fe5ee4769
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
amp.foxnews.react.css
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/ Frame 014E 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
628e7e18f1863e6a8b9f08c6676fecd8a8e9105bee25cef8e0972d4448be5a26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"fe06c545d4f31ddd8a0a6a093bed2adb:1615323267.290127"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1122906
content-length
3716
expires
Tue, 07 Jun 2022 11:01:34 GMT
fontawesome-webfont.woff
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/ Frame 014E 		30 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/fontawesome-webfont.woff
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/React.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725

Request headers

Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/react/React.min.css
Origin
https://static.foxnews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 20:56:00 GMT
server
AkamaiNetStorage
etag
"849abfea7388faeeb4edbc0b89288b85:1615323360.7515"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=1140778
accept-ranges
bytes
content-length
14651
expires
Tue, 07 Jun 2022 15:59:26 GMT
metrics.js
static.foxnews.com/static/leap/sites/fnc/ Frame 014E 		1020 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.foxnews.com/static/leap/sites/fnc/metrics.js?v=202205091536
Requested by
Host: static.foxnews.com
URL: https://static.foxnews.com/static/leap/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b8::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
be36dfbf79459fb834d7660117f55a0dc5dd29ee4e9c3d775dd8e5c78b05b578
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
CInDWAcvMWQY9aXCrXuCTMWg8ibvFDNP
content-encoding
br
etag
"ac403880b2a68017513a22c2b96cfc99"
x-amz-request-id
3ESACPWS336V4DGV
access-control-max-age
86400
content-length
458
x-amz-id-2
3Re94PXmQav9fOBbSV1X3YyAwlTzKzcX/2DCDrIXVhRJPbXWPgfy+RNjRJl/DkiIeSgYgPANmIA=
last-modified
Mon, 09 May 2022 15:49:36 GMT
server
Akamai Resource Optimizer
date
Wed, 25 May 2022 11:06:28 GMT
strict-transport-security
max-age=15768000 ; preload
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=276290
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
*
expires
Sat, 28 May 2022 15:51:18 GMT
Omniture.js
foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp//omniture/ Frame 014E 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp//omniture/Omniture.js
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
24951b307c0af85dcdf2e73cb4ba54a82083373ed18081cc400f81105d2325fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Akamai Resource Optimizer
etag
"42983db30886d50511a68a444fc541f1:1615323275.610292"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1137710
content-length
4303
expires
Tue, 07 Jun 2022 15:08:18 GMT
amp.gif
amp.akamaized.net/ Frame 014E 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp.akamaized.net/amp.gif?prod=premier&prodver=9.0.23&platform=web&os=Windows&osver=10&browser=Chrome&browserver=101.0&url=https%3A%2F%2Fstatic.foxnews.com%2Fstatic%2Forion%2Fhtml%2Fvideo%2Fiframe%2Fvod.html%3Fv%3D20220523141519%23uid%3Dfnc-embed-1%26url%3Dvideo.foxnews.com%252Fv%252Fvideo-embed.html&event=create&&lic=
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:28 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
/
time.akamai.com/ Frame 014E 		10 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://time.akamai.com/
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2b7::5fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai/Time Server /
Resource Hash
613f93a1059ccceabc8993e03c101327dfc2ac326beab24265590884aff70b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:28 GMT
Server
Akamai/Time Server
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Content-Type
text/plain; charset=ISO-8859-1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,Content-Length,Date
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
origin,accept-encoding,referer
Content-Length
10
Expires
Wed, 25 May 2022 11:06:28 GMT
6306718389112
api.foxnews.com/v3/video-player/ Frame 014E 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.foxnews.com/v3/video-player/6306718389112
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4c1ceb6b1a57770ec0af337d9edc9e4a3b65d7d3773f410226790b332cbb2b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
etag
c59264b99b00751e5a2c910dfe58c6db
x-amz-cf-pop
IAD66-C1
x-amzn-requestid
8c36fb26-58ea-42c3-b184-d86bba23ae7b
x-amz-apigw-id
SrcUOFeFoAMFmTA=
content-length
1171
last-modified
Tue, 24 May 2022 10:17:06 GMT
x-amzn-trace-id
Root=1-628e0db4-4d06225218ee5de301efb8ce;Sampled=0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://static.foxnews.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
*
x-amz-cf-id
Skk1Rx6IgdsTGjamrP9ftZ_ph3jHkR-8vZ7osSAjXwKFETV39iA2Bw==
bq-streamer
liftable-bq-streamer.appspot.com/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://liftable-bq-streamer.appspot.com/bq-streamer
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1648748805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
server
Google Frontend
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0e5162b2e5c12bcaccb9073d39a71f0a
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 88DD 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158410&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 06:49:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
abt
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
img
pix.eu.criteo.net/img/ Frame DD13 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1491220117_VS_neu&v=3&w=800&s=6_09e8tjm2mTXGSuG8XJazPC&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b9a122e608ce504e809c0cd8c2cfcb147bf1c311bcf28c9a576f76e8f9567cfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
34196
expires
Wed, 25 May 2022 11:06:28 GMT
spinner.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		1 KB
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/spinner.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0084661373648e13a89ffc56fbc501adb62524d9c85b0a3ed56e7ca809ebf0c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 20:56:18 GMT
server
AkamaiNetStorage
etag
"3395922d17060e68451fe5f56859844e:1615323377.968568"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1172278
accept-ranges
bytes
content-length
495
expires
Wed, 08 Jun 2022 00:44:26 GMT
play.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		170 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/play.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c8cde1232c78b6613b64b02975acdd400e374e44bc4fe231a1a60d07fbcdf06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 20:56:16 GMT
server
AkamaiNetStorage
etag
"f473ac898ad3bceac00438736aa71b8d:1615323376.069461"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1125244
accept-ranges
bytes
content-length
161
expires
Tue, 07 Jun 2022 11:40:32 GMT
back-10.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		705 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/back-10.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8c538e56c50a40eff2cd74c976926806f9b1579569abd6b4cb6f3f503deb530f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
last-modified
Tue, 09 Mar 2021 20:56:18 GMT
server
AkamaiNetStorage
etag
"fb30477bb633aa954c88867434762878:1615323378.792611"
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1092590
accept-ranges
bytes
content-length
705
expires
Tue, 07 Jun 2022 02:36:18 GMT
forward-10.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		688 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/forward-10.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
53d97be0bf778f689b2557478041feb82ca07f46e789639bb1032a6e64b927f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
last-modified
Tue, 09 Mar 2021 20:56:16 GMT
server
AkamaiNetStorage
etag
"bf625ee7d935e91d39984afa5314aff8:1615323376.63668"
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1116522
accept-ranges
bytes
content-length
688
expires
Tue, 07 Jun 2022 09:15:10 GMT
volume-high.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		253 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/volume-high.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ef9a58587804b0a7374c553e4ad630e598458f09b9b4115e08fea883620e27a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 20:56:17 GMT
server
AkamaiNetStorage
etag
"ed23cae7da5a19945806c64c6a1e7770:1615323377.477124"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1174404
accept-ranges
bytes
content-length
213
expires
Wed, 08 Jun 2022 01:19:52 GMT
share.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		1 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/share.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
54ceddfe3867f2a83d882ad540709b2c2a2ef565f8f3e9f6404454ca62e9d246

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 20:56:18 GMT
server
AkamaiNetStorage
etag
"3352dbc49292cfaacb6fa29f4e467aaf:1615323378.693877"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1202556
accept-ranges
bytes
content-length
657
expires
Wed, 08 Jun 2022 09:09:04 GMT
settings.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		590 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/settings.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
22a8d2518f55a68cee1c79a8e84f391de7f2514d89f07745870bb5202aa63a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
last-modified
Tue, 09 Mar 2021 20:56:13 GMT
server
AkamaiNetStorage
etag
"8a987387f41df843242378957b457625:1615323373.356749"
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1158937
accept-ranges
bytes
content-length
590
expires
Tue, 07 Jun 2022 21:02:05 GMT
screen-full.svg
foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/ Frame 014E 		259 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/icons/screen-full.svg
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.216.77.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2b295f964916143b317c6fc3979c9135ed238a63e71fb52f0c37acf3753d3781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://foxnewsplayer-a.akamaihd.net/player/9.0.23/assets/css/amp.foxnews.react.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
last-modified
Tue, 09 Mar 2021 20:56:16 GMT
server
AkamaiNetStorage
etag
"619436e1885a0c6d35e625d4c7f22119:1615323376.845641"
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1153691
accept-ranges
bytes
content-length
259
expires
Tue, 07 Jun 2022 19:34:39 GMT
text.vtt
vod.foxnews.com/media/v1/text/vtt/clear/694940094001/3be349d2-f03a-49ca-99ab-97c9c61ab0b5/18307c1a-6756-4215-84c9-0f8b5abc0a8f/ Frame 014E 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vod.foxnews.com/media/v1/text/vtt/clear/694940094001/3be349d2-f03a-49ca-99ab-97c9c61ab0b5/18307c1a-6756-4215-84c9-0f8b5abc0a8f/text.vtt
Requested by
Host: foxnewsplayer-a.akamaihd.net
URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ BC
Resource Hash
ca5ba8ef6f450601e92086cf31df10afdec489565691d33254c0ded1bfafddf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
EWR53-C1
X-Powered-By
BC
Backend-IP
13.225.66.137
BC-MID
true
Connection
keep-alive
Content-Length
4256
X-Served-By
cache-ewr18133-EWR
Akamai-Mon-Iucid-Del
827254
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Timer
S1653391501.965300,VS0,VE1
X-Powered-From
gantry
ETag
"8d0c1cc1f0b77c452484dab821d4d394"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/vtt
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
public, max-age=31446904
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
gJ7w3mWZAWjMtKTngcRyhYL3CB3FLWogSCrCMe7m94Ywo3uDq5HSXA==
Expires
Wed, 24 May 2023 10:21:32 GMT
X-Cache-Hits
1
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/694940094001/3be349d2-f03a-49ca-99ab-97c9c61ab0b5/edce402e-640d-4779-b17f-67904feb15e0/1280x720/match/ Frame 014E 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/694940094001/3be349d2-f03a-49ca-99ab-97c9c61ab0b5/edce402e-640d-4779-b17f-67904feb15e0/1280x720/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.100.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-100-40.fra50.r.cloudfront.net
Software
/ BC
Resource Hash
9f52456b12e2bde44ef92e5c17a113e3e3075a1e4977e97f41ea77061871d03c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Tue, 24 May 2022 10:20:40 GMT
Via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
Age
89148
X-Powered-From
gantry
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
7azYQ0ySNUnXQRPaqkriFcDKQydbYOyWqQTU4EahFaqFEIRLCikiMw==
Expires
Wed, 24 May 2023 10:20:40 GMT
in
c.p2r14.com/v5/ Frame 014E 		2 B
538 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.p2r14.com/v5/in
Requested by
Host: cdn.watchingthat.net
URL: https://cdn.watchingthat.net/wtat.plugin-amp_ima.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.92.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-92-160.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://static.foxnews.com/static/orion/html/video/iframe/vod.html?v=20220523141519
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryuPHMnIy0jrGtBxrt

Response headers

date
Wed, 25 May 2022 11:06:29 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://static.foxnews.com
access-control-allow-credentials
true
content-length
2
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 32A3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1961
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 10:33:48 GMT
expires
Thu, 25 May 2023 10:33:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 843A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cdd3dde0a9c166cfaf38a9bbdd5210336cae8f7ecb0eae038d2f03ebac1c757a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XELg7zKrDCI75KL0wQ08pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-XELg7zKrDCI75KL0wQ08pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 11:06:29 GMT
expires
Wed, 25 May 2022 11:06:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
pagead2.googlesyndication.com/bg/ Frame 32A3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/arPbY-3YgYGr_MCC2cNf3gMi8SxKBb_Vamoqi1J17n4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 07:54:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
270707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 May 2023 07:54:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 843A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051901&jk=1354760339844&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 32A3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7yPuzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4652 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69273990&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f964a885c549b6269899535f5d6a644726ce1f9963e551575089891b72133f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:29 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 1703 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50697919&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f964a885c549b6269899535f5d6a644726ce1f9963e551575089891b72133f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E363
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 25 May 2022 11:06:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 470E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
1 B
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4083-HHN
x-timer
S1653476790.138786,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 2D92
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TXW5RZQoSwJe5dA2-RrHTMEbDhs
42 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TXW5RZQoSwJe5dA2-RrHTMEbDhs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 25 May 2022 11:06:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=TXW5RZQoSwJe5dA2-RrHTMEbDhs
redir
rtb-csync.smartadserver.com/ Frame DD68
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFELTBrN0ZIQnNBQUV0YWNnNnVlUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGj5k7FHBsAAEmb48_3BQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGj5k7FHBsAAEmb48_3BQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Wed, 25 May 2022 11:06:29 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2C9D
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
pub
matching.truffle.bid/sync/ Frame 3C08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame EB68 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 25 May 2022 11:06:30 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-6
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 62F0
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1653476790183
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 25 May 2022 11:06:30 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
i.match
s.tribalfusion.com/z/ Frame 38B2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
710dcd541a980219-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
710dcd52c8d10219-ZRH
content-type
text/html
date
Wed, 25 May 2022 11:06:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
20812
cookiesync
core.iprom.net/ Frame B5ED 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 25 May 2022 11:06:30 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-1784c07e47a0@version_1.504
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 1661
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=972f202ef65afcf1/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 10BD
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ba82e97c-e848-4a88-81f3-3fe8ebd40ab8-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ba82e97c-e848-4a88-81f3-3fe8ebd40ab8-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4038-HHN
x-timer
S1653476790.252976,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=ba82e97c-e848-4a88-81f3-3fe8ebd40ab8-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6979-MXP
x-timer
S1653476790.161422,VS0,VE24
x-vcl-time-ms
24
141
match.deepintent.com/usersync/ Frame 2D7B 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 25 May 2022 11:06:29 GMT
server
b
usersync
match.bnmla.com/ Frame 166C 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 55F4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:30 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0d838a898723b026e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame BA27
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Wed, 25 May 2022 11:06:30 GMT
expires
Tue, 24 May 2022 11:06:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Artemis
aud.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Wed, 25 May 2022 11:06:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 4652
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4652 		95 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
710dcd528ac601e7-ZRH
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 4652
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
3C3BB220-B9FB-4A3A-8889-F4177C051D2F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4652 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3C3BB220-B9FB-4A3A-8889-F4177C051D2F?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d804:38dc:9a29:ba55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
date
Wed, 25 May 2022 11:06:30 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fab8b569-83e5-4975-b199-101a3ee87ffe
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fab8b569-83e5-4975-b199-101a3ee87ffe
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=0b185867-8420-4e41-97b8-b03192d4516e&ssp=pubmatic&expires=30&user_group=5&bsw_param=fab8b569-83e5-4975-b199-101a3ee87ffe
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 25 May 2022 11:06:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2957325134359435425&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2957325134359435425&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2957325134359435425&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 25 May 2022 11:06:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4ca9e53d-2c48-4602-9b69-5f4c3e63c1d6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4ca9e53d-2c48-4602-9b69-5f4c3e63c1d6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4ca9e53d-2c48-4602-9b69-5f4c3e63c1d6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 25 May 2022 11:06:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4652 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4652 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:30 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
56e032b1-7034-4ac4-abc9-67d3475a1e93
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 4652 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4652
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bb00e100-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
1 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bb00e100-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bb00e100-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Date
Wed, 25 May 2022 11:06:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
bb00e101-dc1a-11ec-8a25-c312b08c9a12
Artemis
aud.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date
Wed, 25 May 2022 11:06:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 1703
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
frontend-id
10
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1703 		95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
710dcd52eb3801e7-ZRH
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 1703
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E518
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 25 May 2022 11:06:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7101628724870248595
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
3C3BB220-B9FB-4A3A-8889-F4177C051D2F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1703 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3C3BB220-B9FB-4A3A-8889-F4177C051D2F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d804:38dc:9a29:ba55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-f.b6FYJE2uUUs6JDXnFBx.tYfFybQfM-~A&gdpr=0&gdpr_consent=
date
Wed, 25 May 2022 11:06:30 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a2e13459-fd3b-4370-a497-24c442dc36a0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fab8b569-83e5-4975-b199-101a3ee87ffe&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 25 May 2022 11:06:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CB49
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
1 B
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yo4NswAD8EypMQAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4083-HHN
x-timer
S1653476790.253174,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 81CB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xQmU7hs8RSpkSW-o7fFrH8EbDhs
42 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xQmU7hs8RSpkSW-o7fFrH8EbDhs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 25 May 2022 11:06:30 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xQmU7hs8RSpkSW-o7fFrH8EbDhs
Pug
simage2.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8145471905090246817&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8145471905090246817&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8145471905090246817&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 25 May 2022 11:06:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a4c8b4a-de05-4707-868d-23f938b5907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a4c8b4a-de05-4707-868d-23f938b5907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a4c8b4a-de05-4707-868d-23f938b5907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 25 May 2022 11:06:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1703 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
redir
rtb-csync.smartadserver.com/ Frame 8019
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHajVrN0ZIQnNBQUVtYjQ4XzNCUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGj5k7FHBsAAEmb48_3BQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGj5k7FHBsAAEmb48_3BQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Wed, 25 May 2022 11:06:29 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGj5k7FHBsAAEmb48_3BQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E1FC
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
pub
matching.truffle.bid/sync/ Frame 745A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 8A6A 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 25 May 2022 11:06:30 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-6
server
Cowboy
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1703 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2AE1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1653476790263
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 25 May 2022 11:06:30 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
i.match
s.tribalfusion.com/z/ Frame EEA3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
388 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
710dcd546b1e0219-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
710dcd53296b0219-ZRH
content-type
text/html
date
Wed, 25 May 2022 11:06:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
37908
cookiesync
core.iprom.net/ Frame 0C67 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 25 May 2022 11:06:30 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-1878a129f9a5@version_1.504
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame C7A3
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=972f202ef65afcf1/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRTXMXaXnMUVgMjMb
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4E8C
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f70e1f77-21db-4bd5-a789-fbb95488b72e-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f70e1f77-21db-4bd5-a789-fbb95488b72e-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4038-HHN
x-timer
S1653476790.316924,VS0,VE8

Redirect headers

accept-ranges
bytes
content-length
0
date
Wed, 25 May 2022 11:06:30 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f70e1f77-21db-4bd5-a789-fbb95488b72e-tuct9879336&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6979-MXP
x-timer
S1653476790.277714,VS0,VE27
x-vcl-time-ms
27
Pug
simage2.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 25 May 2022 11:06:30 GMT
X-Proxy-Origin
193.27.14.27; 193.27.14.27; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6103709f-8972-400e-80f9-576ae5803d6e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2205566270350662059
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 1703 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
141
match.deepintent.com/usersync/ Frame B1C8 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 25 May 2022 11:06:29 GMT
server
b
usersync
match.bnmla.com/ Frame D8B8 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:30 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 1703
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bafdd391-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
1 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bafdd391-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bafdd391-dc1a-11ec-8a25-c312b08c9a12&gdpr=0&gdpr_consent=
Date
Wed, 25 May 2022 11:06:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
bafdd392-dc1a-11ec-8a25-c312b08c9a12
Pug
simage2.pubmatic.com/AdServer/ Frame 140B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 25 May 2022 11:06:29 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:H8wOknXp1NTOQp5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-057420aad53a017a6@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame A837
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Wed, 25 May 2022 11:06:30 GMT
expires
Tue, 24 May 2022 11:06:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B971815E56DE4FAA8083BA590C385D0D
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
694e0c7c-b595-44da-8fa0-f57e1eb18dd9
ex.ingage.tech/v1/sync/pubmatic/ Frame FB40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/pubmatic/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
710dcd533f3901db-ZRH
date
Wed, 25 May 2022 11:06:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
PugMaster
image6.pubmatic.com/AdServer/ Frame AA0C 		289 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58262427&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8f45fbba45c3a729e1899b6be117b415c87b28057586cb92001d45fc11c08c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
289
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051901&jk=1354760339844&bg=!u7iluPzNAAZ4vKt9WLw7ACkAdvg8WlZVLQbKC6wb3WhqJxwNd4FrlHz32wmSwJVrQ4EkYbPNV5zqIgIAAABkUgAAAAJoAQcKABmEG5JVywdLGxZCNXa91G6dGIRXAGOxS54AmQKvkXX2aZsEKonii-61LGRJW9lihVjX-ngZV-VY_Xz0V4PQrX18EUPTwd54uAd4OUJkEfO66SHYHMJB2fRqBdgkLkD92k-UmnKypkJG8aFXHsWsGGzVHO4SzUkSBqrZ_J2ojoOVwMVf9dsdmg82bOYijqgw20Wc9F2Q7sAaC4GILGociCErngMnOJxGMhLn5ISu9a7kTLcNuMafczHCV6bhyBTYTDqQGN8vR_3Jl1RFQA_F2x7BX0odxEEkeiybVF6d9BZXn7Dt5-7GtqhoxSYaHbw-7HSgFDvt4ds1K-1biKkow5VZ56eIxF2Qv3GzbHO6CvU3vawq5gON3xBZWLKB10a3zoHeaHTREGbJiYmcojXnct96K0MpVWTcKSIVs1fbb3vpQYb9oGlsFtai-uy_3ggwUZu7qXbp323fhFMbMntC2B2VhhLHfEgr8ucGiftPCOSrYFsx1TCP56UC0Vm_Su9JXr85QkA3z3A-x13_T5c-_CUZAx4PXxM7RQf87evYlJtHKUEPHKh85zWC6m4uhB81lKMkaAdkFyIDahR1Rtmo-G57m-f6JksodpBmOkr4VVYbzsJO50sT-x-mUsMr5cvJO-xDwBSviMtAKq-GDhEEMwLOkKiVfsjhk9loXhVs-vmbDZUXOokYzoDbwJv9h0TzVmDesoM-yUL96s-9_QvtnsdBO7uDKJYOjWDrY1BfdbskrFqltOkQ1lugLAgNEi1YZ-ll4NneoCwhKsZLocPcgilXb3fIj_TQX7iAF7BjpBjSz7f9SQMbxdkjFZLz5XfAJZWO3Mj7UMaHgu82VAaUe2WwQqiLTGYUtZsH87cO74QFGHYxvXF1rok-ONDRf_gyJ2Jdd2VJ07vlkDj8aOHYMTOwKfN2BpRCgPvlWw3FCD_Ot4us9p5dH01RdIEV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
um
u-ams02.e-planning.net/ Frame 7760 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=b1c222e27fbeead5&uid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Db1c222e27fbeead5%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Wed, 25 May 2022 11:06:30 GMT
server
openresty
ids
idsync.frontend.weborama.fr/ Frame AA0C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:29 GMT
via
1.1 google
last-modified
Wed, 25 May 2022 11:06:30 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3C3BB220-B9FB-4A3A-8889-F4177C051D2F
date
Wed, 25 May 2022 11:06:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame AA0C 		49 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C3BB220-B9FB-4A3A-8889-F4177C051D2F&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.70.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-70-186.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 11:06:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.16.191
content-type
image/gif
content-length
49
x-consent
absent
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=460652799/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.westernjournal.com/ Frame E54D 		163 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=460652799/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20www.westernjournal.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.67.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
163
content-type
text/html;charset=utf-8
date
Wed, 25 May 2022 11:06:30 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-consent
absent
x-server
10.45.26.17
mq
capi-tier-1-us-east-2.connatix.com/tr/ Frame 1E7C 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/mq?v=163691&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.38.126 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-38-126.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 25 May 2022 11:06:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
SPug
simage4.pubmatic.com/AdServer/ Frame 4652 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 1703 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F694e0c7c-b595-44da-8fa0-f57e1eb18dd9%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame C357 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=VekhiKY1igz4_OubvhxSrhBWzLV-89ksHeSNmRCkAnX6JQRASHssfzYDiac3Lqx-spR5Bou65bi97C3UL4Fi2Q3-G2IAGIasn3pj_SlCwGFGPdNDeL7iBa29YR3sfn28sbftceYnu-SIrgOZBBRloCFh6sZhcsDT0yZ4kdUl01aofyIA5HQCS1f5mbOfd494YSTCY-pCGrzmeLJWwuVTEEgCzIfvNvmc1z4rUywbkAyJ_fN-GmQOicF333UPXuRdFzfcdg&sds=2&rev=81571&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4NsAABjP4Ke7zUAAU-8ob0JrY_Gp8yEZD22Q&u=%7CgdwhQebll541OLw4klBOiasNkmc1taUtpCdxILLL0dI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy-ZCx2l8r38z-Y5KeOqAmeGKc9dh3PNWVVWyRDbjXIr1dByUuWlkmIEq_5uMMZkKug4VeYtc8T83HtjIGpE_4jkm7Mj7R2_RNrwAtlIlC9iBR5YRDvWiapyr2WKPrUWKU1yg8S4th10hQn4eLYZi7r_8aVBBMpNKFJin23sC5zuph1_jf4c5lcFpv4VbjhKkPhQPtEhFVEVE_Sf8Q-bhYas0CsXxPXYcYw9jjRTkGYU0CWK6PFQsTpxXqaNuATL-tu-hiwovB08oXuE_MRDiycIXkOK5U_MjCnnFzCFofl1vCQGqIUY-jGPdv6f8Z-HVGkQrB4MYeGvUkQbUo7sSjRIoUMWj_Sblz3LvVi3KT_7JYWccut9CBTav5YYnApsPUaKVJFy5rFaS4gwew8sN1amIrRmPOHiWeQ8fTHTLx20vutReGZH2qcc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCia9AsA2OYv6ZBtT57gPy_ZToAcme0rFc1Z2R93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMjY5NzY3OTUxODUxNTg4NqAB1bbS6gPIAQmpAv4dQUs49rE-4AIAqAMBqgSNA0_Qv_9a90Me1JBtKjO1GS--Ea39f0L3fLR7LhwhTuj8m5V8dP6kNhmY1gYCL7yUCExgjJSJiDVmI32m2P8Vf8dfA4WAg3Vxkx9yTyYV3Te1xSmixv66dCiayQXcMh9jST4GP8Mh7GoPsALMn__OaP3U-3JX7zdWT3_dG3mEsZz1sp-LT4kXYZEWbyztIEHSD6F96R4dOUqh6o70Lqr4BckEYbmbG1O9lfTC9ABzXJwqrX2D53HxbWVQXxRPxFaCS5sOjYpRo1gfLbLG7Xzwb2wMxyn5dWtk7u2TLwu-4JXZT79czM85-bGz_Tz4KTNacNp5n4t-b_9HlNThvmo3CJGSsm96lnW9SPzywGU1UQo_62OsoT46U7fhtjzZaYy35VH2Bqt5poLbXN3RfUHOVwJX_cvoi878r3K_yrua2lWQRYA8gW4V1VMAu8b8yUFxEkretAQ6qb0HWuzbu8WUk0Ctro-xAvuMDKUeGNPvmlJyLyd9gyO8AJCF7_d-IxG6Hw7pAMpW92UDo9VOwZHgBAGABomI8PONoIr5e6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eVDGnEk6fSUe3asd93v4CjbtSiw%26client%3Dca-pub-2697679518515886%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:32 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:34 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 11:06:35 GMT
content-length
0
vary
Origin
img
pix.eu.criteo.net/img/ Frame DD13 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F982889_Coin&v=3&w=800&s=i8WOYukRT_ZR7aftoUGLHiH9&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5e47aec83e2829920e84c224a1806fe54122b276714a0f121292a2fd57de4718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 11:06:34 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
47076
expires
Wed, 25 May 2022 11:06:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=westernjournal.com
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer function| getParameterByName function| getCookie object| PWT object| Insticator object| google_tag_manager object| google_optimize object| _atrk_opts function| pbjsChunk object| pbjs object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| core object| googletag object| ADRIZER function| admiral object| advBidxc number| ff_current_page number| FF_REP_COUNT object| FF_EXCLUDE_ADS function| firefly_setTargeting function| firefly_size_list_to_max_wh object| FFADS function| sendInitialAdserverRequest function| sendSingleAdserverRequest function| firefly_pbjs_bids_back_single function| firefly_a9_bids_back_single object| a9_slot_arr string| ad_unit object| Adomik object| apstag object| _comscore string| captchaPublicKey object| a2a_config function| cnx function| ffp_getCookie function| ffp_setCookie string| voted_cookie_name function| ff_poll_submit undefined| emailField boolean| ff_poll_voted object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| firefly_sc function| firefly_set_ff_utms object| atsScript function| fireflyStickySbSetScrollEventListener function| fireflyStickySbScrollListener function| fireflyPreventWidgetOverlap function| firefly_global_loaded string| firefly_loading_gif_url string| firefly_ajax_url number| firefly_post_id boolean| firefly_global_loaded_v object| wp object| _qevents function| ff_open_close_list function| ff_list_toggle function| ff_create_subscriber function| firefly_update_subscriber function| ff_check_list_checkbox function| ff_unsubscribe_all_list function| ff_subscribe_all_list function| ff_select_all_list function| ff_open_subscriber_form function| ff_open_preference_page function| validateEmail function| ff_update_subscriber_email_inputs function| checkAlmostVisible function| setCookie function| firefly_ma function| isMobile object| ff_source undefined| deferredPrompt undefined| $ function| jQuery function| onYouTubeIframeAPIReady object| gaGlobal function| atrk boolean| _atrk_fired object| InsticatorXmess boolean| headerTagInjected number| insticator_tg boolean| abpStatus object| __twttrll object| twttr object| __twttr object| jeengConfig function| setImmediate function| clearImmediate function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng function| owpbjsChunk object| owpbjs object| ggeac object| google_js_reporting_queue function| udm_ object| ns_p object| COMSCORE boolean| apstagLOADED object| InsticatorCommenting object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| regeneratorRuntime object| gaplugins object| gaData object| aax object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| ats function| 4dm1r11545242527 boolean| isCommentingRequested undefined| google_measure_js_timing object| cnx_usr_storage function| instBidChunk object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sas object| apntag object| _ADAGIO function| dspCriteoRTUSCallback object| hindsight boolean| hindsight_loaded object| _mgIntExchangeNews object| MarketGidInfC1280823 function| MarketGidCContextBlock1280823 function| MarketGidCMainBlock1280823 function| MarketGidCInternalExchangeBlock1280823 function| MarketGidCRejectBlock1280823 function| MarketGidCInternalExchangeLoggerBlock1280823 function| MarketGidCObserverBlock1280823 function| MarketGidCSendDimensionsBlock1280823 function| MarketGidCRtbBlock1280823 function| MarketGidCIframeSizeChangerBlock1280823 function| MarketGidCContentPreviewBlock1280823 function| MarketGidCResponsiveBlock1280823 boolean| mg_loaded_542039_1280823 function| _docReady object| atdpbjs boolean| isUserActive boolean| windowActive object| _yetiAXTInstances object| _yetiAXTUnitConfig object| player_instance_ce1edd594e6647c89b39ff58f6c399ef object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| __connect string| hindsight_flags object| $SO function| atdpbjsChunk function| Sizzle object| ampInaboxIframes object| ampInaboxPendingMessages number| google_global_correlator function| cnxProxyTask object| closure_lm_615312 object| onClickExcludes function| mgReject1280823 function| mgLoadAds1280823_0b977 function| MarketGidCReject1280823 function| MarketGidLoadGoods1280823_0b977 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint542039 string| _mgCanonicalUri object| _mgPageView542039 string| _mgPvid boolean| i.js.loaded boolean| i-noref.js.loaded object| GoogleGcLKhOms object| winnerIds object| google_image_requests function| cnxAddEventListener

162 Cookies

Domain/Path Name / Value
www.westernjournal.com/ Name: ADRIZER_SOURCE
Value: {%22value%22:%22%22%2C%22expires%22:%222022-05-27T11:06:22.229Z%22}
www.westernjournal.com/ Name: ADRIZER_WIDGET
Value: {%22value%22:%22%22%2C%22expires%22:%222022-05-27T11:06:22.229Z%22}
www.westernjournal.com/ Name: ffpvi
Value: 2
.westernjournal.com/ Name: _ga_DCR5CPLYCJ
Value: GS1.1.1653476782.1.0.1653476782.0
.westernjournal.com/ Name: __asc
Value: 97eb7b07180fae571ac6d03f426
.westernjournal.com/ Name: __auc
Value: 97eb7b07180fae571ac6d03f426
www.westernjournal.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.westernjournal.com/ Name: _pubcid
Value: 718596c2-8e98-4339-96be-a9e3dafd1b5b
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3880d63038758d18
.rubiconproject.com/ Name: khaos
Value: L3LHDUOW-V-HYX3
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Ei92o5ChLdf13NEnEPvxbSem0AuhTX0VRxQW03tTNtB7+jJ7SuG0NGoCgbVi0+aYRKqI7qA78VID6C8KI46dWhDWWUd+velUmtJ3kvZuRa8pA==
.scorecardresearch.com/ Name: UID
Value: 1C1671c79c2d62dcdec14481653476782
.mgid.com/ Name: __cf_bm
Value: QE6vZJ6xuz.qUOanVB3zsjTfOFmLRDIcKupvp7B8p4o-1653476782-0-AcclSSVrRKQ9/bYfmt4869ukXZdrkQyDw5HTSWv57b+1+PoXKH2EXTNA5QONkWqzb6+wI13UScuJZN2628R7HeU=
.westernjournal.com/ Name: InstiSession
Value: eyJpZCI6ImQxNzIyMzc2LWUxYjktNDA0OC05NjVjLTJkZjI0MWJiNTBiZiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
www.westernjournal.com/ Name: mnet_session_depth
Value: 1%7C1653476782802
.westernjournal.com/ Name: _ga
Value: GA1.2.1784532977.1653476782
.westernjournal.com/ Name: _gid
Value: GA1.2.994590483.1653476783
www.westernjournal.com/ Name: plsVisitorGeo
Value: DE
www.westernjournal.com/ Name: plsVisitorCity
Value: Hessen
www.westernjournal.com/ Name: cto_bidid
Value: _1NtaV9aTFlMYWklMkZjcHJCcEtadGVzZWpYMWltdTBnaiUyQlRVaWhGdnlaRm1uYkEyb2taZEhjYkNqSUxhb1cwSEp2JTJGdGhwYlcxUUt1WXdUanppTXVSM25CQSUyRnpnJTNEJTNE
www.westernjournal.com/ Name: cto_bundle
Value: y4SSdV92cVhqdVBZQVFKUVJSVnU4aDlIS2tOSE5pJTJCVnlMalpVTEtuS1k4Ykw5bFpqUHZZWHFBRlh1MDJOVWNQMzdyajVNM0RicDRaQWZsSUxCdCUyQjdOQjElMkJSUkxhbWNjbSUyRlVOMlpUVnROJTJCWU9ubUp6OEhSdGUlMkJUOUZXNjRLVUx6a1FxaA
.adnxs.com/ Name: uuid2
Value: 2205566270350662059
www.westernjournal.com/ Name: hb_insticator_uid
Value: 694e0c7c-b595-44da-8fa0-f57e1eb18dd9
www.westernjournal.com/ Name: visitorGeo
Value: DE
www.westernjournal.com/ Name: visitorCity
Value: Frankfurt am Main
www.westernjournal.com/ Name: visitorIP
Value: 193.27.14.27
www.westernjournal.com/ Name: emailhashes
Value: []
www.westernjournal.com/ Name: heCooldown
Value: 1
.westernjournal.com/ Name: _dc_gtm_UA-54260989-7
Value: 1
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGNMdmUvl3ZxGQskJGpgd1xIFt87TMBs-LTKtZrofXbc4
.gumgum.com/ Name: vst
Value: e_72b344cb-54b2-4ec4-b462-74d7e00e975e
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s568|Yo4Ns
.quantserve.com/ Name: mc
Value: 628e0daf-55831-66c44-52730
www.westernjournal.com/ Name: _lr_geo_location
Value: DE
.westernjournal.com/ Name: _fbp
Value: fb.1.1653476783428.1162117146
.adnxs.com/ Name: icu
Value: ChgI27RDEAoYASABKAEwr5u4lAY4AUABSAEKGAi1m3oQChgBIAEoATCvm7iUBjgBQAFIARCvm7iUBhgB
.facebook.com/ Name: fr
Value: 03EPapKf2e6Z6uKfJ..Bijg2v...1.0.Bijg2v.
.westernjournal.com/ Name: __qca
Value: P0-2020592933-1653476783323
www.westernjournal.com/ Name: _yeti_currency_new_3
Value: {"dataAsOf":"2022-05-24T00:00:00.000Z","generatedAt":"2022-05-24T15:00:46.821Z","conversions":{"USD":{"USD":1,"JPY":127.32276119402985,"BGN":1.8244402985074626,"CZK":23.00652985074627,"DKK":6.941324626865671,"GBP":0.7999067164179104,"HUF":357.58395522388054,"PLN":4.292444029850746,"RON":4.6125,"SEK":9.795988805970149,"CHF":0.9639925373134328,"ISK":129.94402985074626,"NOK":9.597947761194028,"HRK":7.02285447761194,"TRY":16.09813432835821,"AUD":1.4134328358208956,"BRL":4.831436567164179,"CAD":1.2792910447761192,"CNY":6.665018656716417,"HKD":7.849160447761195,"IDR":14656.604477611938,"ILS":3.3440298507462685,"INR":77.59794776119402,"KRW":1262.733208955224,"MXN":19.81865671641791,"MYR":4.391417910447761,"NZD":1.553731343283582,"PHP":52.38059701492537,"SGD":1.373320895522388,"THB":34.15018656716418,"ZAR":15.65429104477612,"EUR":0.9328358208955223},"GBP":{"USD":1.2501457725947522,"JPY":159.17201166180757,"BGN":2.280816326530612,"CZK":28.761516034985423,"DKK":8.677667638483964,"GBP":1,"HUF":447.03206997084544,"PLN":5.366180758017492,"RON":5.766297376093295,"SEK":12.246413994169096,"CHF":1.205131195335277,"ISK":162.44897959183675,"NOK":11.998833819241982,"HRK":8.779591836734694,"TRY":20.125014577259474,"AUD":1.766997084548105,"BRL":6.039999999999999,"CAD":1.5993002915451893,"CNY":8.332244897959184,"HKD":9.81259475218659,"IDR":18322.89212827988,"ILS":4.1805247813411075,"INR":97.00874635568513,"KRW":1578.6005830903791,"MXN":24.77620991253644,"MYR":5.489912536443149,"NZD":1.9423906705539358,"PHP":65.48338192419826,"SGD":1.7168513119533526,"THB":42.692711370262394,"ZAR":19.570145772594753,"EUR":1.1661807580174925}}}
www.westernjournal.com/ Name: __aaxsc
Value: 2
prebid.a-mo.net/ Name: __amc
Value: 1_1653476783_1653476783
.technoratimedia.com/ Name: tads_uid
Value: GDPR
www.westernjournal.com/ Name: aasd
Value: 2%7C1653476783356
.doubleclick.net/ Name: IDE
Value: AHWqTUm4GQ2wIgUHCZsvqkE-1St-NkKh3ai0C14EcLo80QsfMIqvWT7i0nAAtUbG3bE
.westernjournal.com/ Name: __gads
Value: ID=e9683a8dc8942371:T=1653476783:S=ALNI_MaBcvmuUlG1lvAQeFXmAZ5E1_zV6Q
www.westernjournal.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-25T11%3A06%3A24%22%7D
.westernjournal.com/ Name: panoramaId_expiry
Value: 1653563184871
.media.net/ Name: visitor-id
Value: 2964783857577106000V10
.media.net/ Name: data-g
Value: CAESEGLu3QZTJivodHxQkeTKuUk~~3
.w55c.net/ Name: wfivefivec
Value: H8wOknXp1NTOQp5
.mathtag.com/ Name: uuid
Value: dc78628e-0db1-4400-a175-f29090861e69
.mathtag.com/ Name: mt_mop
Value: 4:1653476785
.w55c.net/ Name: matchgoogle
Value: 5
live.instiengage.com/ Name: route
Value: b4361cec20114c071451089c799816d8|bc2e8509d1108493c0fbabaa9aff431f
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3C3BB220-B9FB-4A3A-8889-F4177C051D2F
.quantserve.com/ Name: d
Value: EOIBDgGcJoEO-TA
.onaudience.com/ Name: cookie
Value: 972f202ef65afcf1
.onaudience.com/ Name: done_redirects147
Value: 1
.simpli.fi/ Name: suid
Value: B971815E56DE4FAA8083BA590C385D0D
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y&KRTB&19420-LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y&KRTB&22979-LGx5tCo6ILc3a3TpKW9s5yw9deU3a3PmKW4thT3y
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2205566270350662059&KRTB&23339-2205566270350662059
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPKYPJAOT5ob3JGv2uBhX8k&KRTB&16514-CAESEPKYPJAOT5ob3JGv2uBhX8k&KRTB&23025-CAESEPKYPJAOT5ob3JGv2uBhX8k
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:dc78628e-0db1-4400-a175-f29090861e69&KRTB&16736-uid:dc78628e-0db1-4400-a175-f29090861e69&KRTB&23019-uid:dc78628e-0db1-4400-a175-f29090861e69&KRTB&23208-uid:dc78628e-0db1-4400-a175-f29090861e69
.de17a.com/ Name: guid2
Value: 1.2288197559826090879
.adform.net/ Name: C
Value: 1
www.westernjournal.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1280823%22%3A%7B%22page%22%3A1%2C%22time%22%3A1653476786851%7D%7D
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2288197559826090879
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3101216839812627722&KRTB&23263-3101216839812627722
.adform.net/ Name: uid
Value: 712156065992100998
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
sync.e-planning.net/ Name: CT
Value: 1
.casalemedia.com/ Name: CMID
Value: Yo4Ns5yoAZWb3DBaVKB9pgAA
.casalemedia.com/ Name: CMPS
Value: 3231
.e-planning.net/ Name: E
Value: AIHh5Z/GncjhZ2fP
ex.ingage.tech/ Name: instUid
Value: 694e0c7c-b595-44da-8fa0-f57e1eb18dd9
.casalemedia.com/ Name: CMPRO
Value: 1126
.casalemedia.com/ Name: CMST
Value: Yo4Ns2KODbMA
.zeotap.com/ Name: zc
Value: 72094b8e-cc65-4554-7702-c21a30964717
.zeotap.com/ Name: zsc
Value: y%5E%5C%7F%9E%0F%F0%1C%09%0D%B8H%7B%8C%81%00%CAQ%13%8E%C4%08%BC%5Bj%A3i%5DD%5B%E1%5D%9B%F5%11e%B6%DC%89P%ADo497TF%AE%9EYV%2C%BAc%84OM%B5%DBp%B7oD%12%97%D3%91W%12%E5%DAf%C0%D7%9ER%2A%40%B7Q%EF%CA%C2%EE%09%F5E%F4%98%F7%40%E0%C1%8C%13%9E%14%97%DC%24%E4%5Cvv%CE%EF%12%B2%3AX%9C%B9%29%8B%B0%EBd%26vs%FFr%9A%FFj%8Fv%A8%9B%DF%CD%9D%E7%3C%96%AE%914b%9F%D99%9E%40%0DF%A4%F8%1D%87%A6%84%E8%D1%9Cs%19%F9%E2%E7e%A4%C3%97l+%AB
.richaudience.com/ Name: avcid-zeo-uid
Value: 72094b8e-cc65-4554-7702-c21a30964717
.tapad.com/ Name: TapAd_TS
Value: 1653476787368
.tapad.com/ Name: TapAd_DID
Value: b2c9a8de-287e-4ab0-b8ec-a9509daff152
.adfarm1.adition.com/ Name: UserID1
Value: 7101628724870248595
.w55c.net/ Name: matchcasale
Value: 5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.agkn.com/ Name: ab
Value: 0001%3AeGI%2FA0Ck9MNs3r83dPUohvMqJ3%2FNCAgS
.theadex.com/ Name: axd
Value: 4295156152577475404
.theadex.com/ Name: tis_FgL
Value: FgLeAtox
.weborama.fr/ Name: AFFICHE_W
Value: n@1ffaFbwj@f89
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.tidaltv.com/ Name: tidal_ttid
Value: 4779416c-7bec-4958-9a86-4fba10c267eb
.yahoo.com/ Name: A3
Value: d=AQABBLMNjmICEA6VW0YN8hQAvqfvZ2iWoI4FEgEBAQFfj2KXYgAAAAAA_eMAAA&S=AQAAAlBwRcNaMm7gN8ok8uAkEpM
.demdex.net/ Name: demdex
Value: 21781525640432367874033364658726620190
.krxd.net/ Name: _kuid_
Value: O27xLeWz
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjSysDK0MAIAvxWBZwkAAAA="
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yo4NswAD8EypMQAo
.dpm.demdex.net/ Name: dpm
Value: 21781525640432367874033364658726620190
.casalemedia.com/ Name: CMRUM3
Value: be628e0db305a0&2d628e0db305a0&58628e0db32760Yo4NswAD8KmomQAo&05628e0db305a0&f1628e0db305a0&ce628e0db305a0&e6628e0db32760&2f628e0db32760H8wOknXp1NTOQp5&c3628e0db305a00&69628e0db305a00&2e628e0db305a0&9c628e0db305a00&49628e0db305a0&1a628e0db305a0&6f628e0db305a0&27628e0db30b40
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0ffcc05c-a0f2-478f-8331-9662c07dc559"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTM0NzY3ODc7MjswMjHmtPw+DrBESXeiTXNh+OJZljkHGq+mhwm4ohMg7na0YA==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2641:u=1:x=1:i=1653476787:t=1653563187:v=2:sig=AQFx97cWlG0xEJ-ZqGPwCDYn_I5k4_xE"
.amazon-adsystem.com/ Name: ad-id
Value: A5x_hexbUEx_nVB8OfYtRNE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.fwmrm.net/ Name: _uid
Value: "ebcf5_7101628724861086716"
.westernjournal.com/ Name: _awl
Value: 2.1653476788.0.5-fb37c3068c3df1645318bf3e74e5be56-6763652d6575726f70652d7765737431-0
.eyeota.net/ Name: SERVERID
Value: 16872~DM
.audrte.com/ Name: arcki2_ddp
Value: CAESECoB5mC7zddsCD7Lcvj7sZQ!20210804!1653476788155
.audrte.com/ Name: arcki2_adform
Value: 712156065992100998!20210804!1653476788268
.audrte.com/ Name: arcki2_TTT
Value: 1653476788269!918x1QRC8svT0Wbc1M25YNUgQ!H4sIAAAAAAAAAB2WO44Etw5FF6NYgET9yNDBCx4MOzC8AYkS978En+oOBjPoGpFF3nuuynzS7vZ85VlucXY2qTsfa35HuxL1JFvXhnTJq76Zu23JtlfJzfq57k/vW6meIjG6Z+n75P7qzfai5H5ntOoxTth3Up/zlHzW67l3m9lKsyynFbWmvoune5csq5ykXXMfU2lnjexvL7epNmInv6qn+MyUfLm7tnw0hJPUot1hMi2VbrbWunnUJpnKlvc5M7/2Vgz11aImecPVXDif7/t5I5+qJ9PQ0TvinRip9VHmbSdHvb+eOOmJ57lHa6/c22ukKncdKZ6XMsI+e8/6OCnkXhf3tXSkfk/f/Wt8+TeCFlmNk+5726Ouu0PTDqmn7ps5u+Yu92Sbg4e8zxLbR9ATDcRYbWXnk5v0kq2OlU/pwVSDz0zPamGLPe/dKLf2yFp5cheOP28VVUvb11lz85DIoKdgBMdpvLU12/KHOlIt4rO9yNcsctvHs7LWPN65r5zp74wUz9380Phs+2v8sjvRzJJ7zPqkqqahLK1qz6c1ze1+u6u3ZwR055FRWjtpV5FSA71FsBaZ6KnoyDFqmeNbY9lpfSes8emxITUGSznfecxr3hVpRySfR7esxkaYU7/C4+tYfnH769qidE3S9LWLSmSek1uvk4mtnu/dd60tt25PD0eo9ZmlxUXjhTnNvvjNV6mrobKCVNocUSZrkV85RtAOGrUp+mzjhkhh1VhAy/NN1sJbZxu2s6yuKE4PnyRrhO3Raeez1G701LbxdrKkzqfili5qn+NJrlt2bgXf7c5DZ1eby06PjujKGK9JoPxvooW3O1oH8trzNd1TnycZyOGbc5tzfeZEmbcw0VmmHhHE0BKyaeHyrX1iKeuW9dTG7nxVRKRr1rRVtwvlpikjOLzd3uXkPaPc3ftnrTTxndnYeXpduR17KHe+jJyqHX/2iW622j0UZW/0AktO1hjU5JUDIeA0T6as8NSK+TF3rxgFTDAs2XhaJ4N+aaz3WBMPrcLu9DrfN5Rn12hX+xor8aahxh5sPXz3w2FBOUo9w/p7yU0ApSOLlVdY+5S5snWt4M4bqsbRY6Tyxto8mAMC4bvevnKsBXq2UwV7vASqNByPwNCv8SWZ/68ZIPezbhnOSXj8dgM98zzKjebslsYqqv5WY6eudIs/Gei1XqHxwrCg78vb3CPu2Z2J311sGXpFFZykSEW1PGxc9locXDdGsNL7N6JRZ0MKAONgrOzT9zhbXaMnRyYmnBRfWLQvFhDbZbZjMM2K9WoqAox5HtiDu34AgnUcNmtfGHB0tpb0BaSBEPLFSj8fWCdSqPhfV9MBf1L3BvZ+otvQdyNvDF3zCGTDL6PIBqz9tcHEZ8fh7WA55e8cPqlqo1IqXadoZfe3gJ6+PChHi29UyLXrivDvpP1AA9O7Hw6Vh/qsJEIDXcHP91J0FqdgYKL6TCEWPAspMthXXDFkm3iS6JvknWPj3vAdmPm8fCcjKFaAWK9+mkvJt5EdlAPRegnFDnfR9TEmjuQQsvBOcSvldCMV0AF7mw2iDw8kOmUiuPGWL3kXjZ+CeRD+8PiSt1FOQqcRKwv+Id8fnz4HvvO0iyuVkvqH6oqKNrtp9mXDwlwHoqwFeryN9P+///rjnz//9y8CQONSpLCM5MrwxkCvaJOvAM6enT9VxJtJW9HS0Vf3jgU3IEgrn/kv549NogHcWkckAvEUkjN/vEP5FYxgMpJ3y9wgi6RIRl4UPQqGPkK0UWHN/lhiKoiynl7S8z33VcnDzkc9jKLDSZRYgb/rJnjgX5U9lGCgKObnygG+ONNl7fr19UpiYW6wESkHRuP3rCQy9jiEK9eT8ZierbJPgNv7JU48LPfdr8jaxQtM3E/Gn1m50mBkYeO94GsksVCBd64j18tBiqTcCxrvhVgiTzEaN4nM9KA/a4ffUOvVuAALrZTv3kEEVGY7PrtdwqOuwUVgX1KXZcPUD21s9COp220VXw2xleju6vjgEYWMD9BGCK5c64NXy7lyvNS/pwK3w5SgHPK3b0tucVcxLpEmXCncdMJXcoAF8z88BJDIoY9rvVE0sSgiYJe8ZHxRScqBaskFYnGHGYdrVZIfDLkOAgNIeskRAoXbISDn5hbfNuEfAc8VKBOZBFjjEre1fW+HE+qw4dL/AxghcD7sCgAA
.westernjournal.com/ Name: _admrla
Value: 2.2-be0a046eedc34e3a-b9bbf32d-dc1a-11ec-8bf8-23f942a103a1
c.p2r14.com/ Name: AWSALBCORS
Value: lNliTYIG64ZEYaPoc0Leq9HKXU6HzpyOhNuypu/Au9aBejNxJqEKv0fPEt1txQSEtx/DYC9CCxi5/jZ1nflSIZryeW5ZqqpqVqOyHrmDX5Xi3xNJ0E5Vq4vM4lyk
.pubmatic.com/ Name: SyncRTB3
Value: 1654732800%3A35%7C1656028800%3A203%7C1654041600%3A223_2_15%7C1654300800%3A63%7C1654646400%3A231_3_54_243_176_71_238_21_222_204_189_161_57_233_81_166_165_88_55_99_56_8_220_7_22_234_104_5_13%7C1658620800%3A69
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yo4NswAD8EypMQAo&KRTB&22978-Yo4NswAD8EypMQAo&KRTB&23194-Yo4NswAD8EypMQAo&KRTB&23209-Yo4NswAD8EypMQAo
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7101628724870248595&KRTB&23369-7101628724870248595
.w55c.net/ Name: matchpubmatic
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~252z
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:H8wOknXp1NTOQp5
.fiftyt.com/ Name: fifid
Value: dd4b247d-530d-4b2e-4e34-632b7bbb81dc
.fiftyt.com/ Name: cs
Value: MTY1MzQ3Njc5MHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fGEp1OPir5yaQFjBFFcYJpTELcczY77X8wRzdhTMbOio
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.fiftyt.com/ Name: fppm
Value: 20220525110630
.turn.com/ Name: uid
Value: 8145471905090246817
.onaudience.com/ Name: done_redirects104
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 3a4c8b4a-de05-4707-868d-23f938b5907a.422690790
.bidswitch.net/ Name: c
Value: 1653476790
.bidswitch.net/ Name: tuuid_lu
Value: 1653476790
.bidswitch.net/ Name: tuuid
Value: fab8b569-83e5-4975-b199-101a3ee87ffe
.audrte.com/ Name: arcki2_pubmatic
Value: 3C3BB220-B9FB-4A3A-8889-F4177C051D2F!20210804!1653476790271
.semasio.net/ Name: SEUNCY
Value: 50D8CC6ADD8A840
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8145471905090246817&KRTB&23150-8145471905090246817
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 156631:4
.pubmatic.com/ Name: DPSync3
Value: 1654646400%3A226_235_201_241_245_221_227_197_219%7C1653523200%3A174
.bidr.io/ Name: bito
Value: AAGj5k7FHBsAAEmb48_3BQ
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-tk2EoAPtRTXMXaXnMUVgMjMb
ads.playground.xyz/ Name: connect.sid
Value: s%3A5VCHP4RXhRL_BI0ZmaNzn9A8M3WUvv83.XQbx%2Fgs3fVC13V%2BLTmIAhHOFFJlWes1uBJj2WjFdOag
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1653498390416
.audrte.com/ Name: arcki2
Value: 918x1QRC8svT0Wbc1M25YNUgQ!20210804!1653476790468
.scoota.co/ Name: tuuid
Value: a2e13459-fd3b-4370-a497-24c442dc36a0
.scoota.co/ Name: c
Value: 1653476790
.scoota.co/ Name: tuuid_lu
Value: 1653476790
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-fab8b569-83e5-4975-b199-101a3ee87ffe
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c50994ee-1b3c-452a-6449-6fa8edf16b1f.OzwxMG6v7usCd2ZbkyyyArY6IlBz%2BL5K7vw6bxwL3Kk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AxQmU7hs8RSpkSW-o7fFrH8EbDhs.FZdW%2FQjlW17%2Fm%2FJcXvR%2F6oPniRId5HPKyPzJ5u3nTYc
.tribalfusion.com/ Name: ANON_ID
Value: arnseFNZaiMiAmemFmDgrdlptrMoiPJj2P9xqZa5xSymoqrWYqFMw3gBUkiGr694FUNOJiTE1AxZa10YTFiB5pw
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-xQmU7hs8RSpkSW-o7fFrH8EbDhs
.ipredictive.com/ Name: cu
Value: bb00e100-dc1a-11ec-8a25-c312b08c9a12|1653476790630
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-bb00e100-dc1a-11ec-8a25-c312b08c9a12&KRTB&23011-bb00e100-dc1a-11ec-8a25-c312b08c9a12&KRTB&23355-bb00e100-dc1a-11ec-8a25-c312b08c9a12
.creative-serving.com/ Name: tuuid
Value: 0b185867-8420-4e41-97b8-b03192d4516e
.creative-serving.com/ Name: c
Value: 1653476790
.creative-serving.com/ Name: tuuid_lu
Value: 1653476790
.pubmatic.com/ Name: PugT
Value: 1653476791
.pubmatic.com/ Name: SPugT
Value: 1653476791

18 Console Messages

Source Level URL
Text
network error URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript error URL: https://www.westernjournal.com/robber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency/
Message:
Access to XMLHttpRequest at 'https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html#goog_1776234890' from origin 'https://www.westernjournal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html#goog_1776234890
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327(Line 203)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9(Line 21)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://tags.bluekai.com/site/87734?id=72094b8e-cc65-4554-7702-c21a30964717&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=72094b8e-cc65-4554-7702-c21a30964717&reqId=acd8d04e-9e55-4b37-627d-4fb45a70effd&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ex.ingage.tech/v1/sync/eplanning/694e0c7c-b595-44da-8fa0-f57e1eb18dd9?uid=AIHh5Z%2fGncjhZ2fP
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563(Line 1250)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563(Line 1250)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://foxnewsplayer-a.akamaihd.net/player/9.0.23/akamai/amp/core/amp.js?cb=202252563(Line 1250)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=3026586&contentId=319fbbe2-2732-4d9f-9c47-ee280e2f6379&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=41743eed-a1e2-4b7e-b8a2-9d92ea3f4327
Message:
The resource https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Frobber-ends-thrown-window-2-others-flee-mom-pop-store-family-fight-back-brutal-efficiency%2F&pageTitle=Robber%20Ends%20up%20Thrown%20Into%20Window%2C%202%20Others%20Flee%20as%20Mom-and-Pop%20Store%20Family%20Fight%20Back%20With%20Brutal%20Efficiency&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=ca6abbbc-b73f-4655-b7f6-f0b672cea0ec&frameUuid=7c02946a-fd12-473a-b264-25d3fcb4aad9
Message:
The resource https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
abs-0.twimg.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ad4m.at
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
amp.akamaized.net
ap.lijit.com
apex.go.sonobi.com
api.foxnews.com
api.solutionshindsight.net
assets.revcontent.com
ats.rlcdn.com
aud.pubmatic.com
auth.instiengage.com
b2cdn.automatad.com
bb991d6248c65966f9353da814a2768c.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
biddr.brealtime.com
bn01.er.bemail.it
breadbalance.com
bttrack.com
c.aaxads.com
c.amazon-adsystem.com
c.go-mpulse.net
c.mgid.com
c.p2r14.com
c1.adform.net
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cat.nl.eu.criteo.com
cd.connatix.com
cdn.id5-sync.com
cdn.mgid.com
cdn.revcontent.com
cdn.segment.com
cdn.syndication.twimg.com
cdn.watchingthat.net
cdnjs.cloudflare.com
cds.connatix.com
certify.alexametrics.com
cf-images.us-east-1.prod.boltdns.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
comment.instiengage.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
cookie.lmgssp.com
core.iprom.net
cr.frontend.weborama.fr
cs.media.net
csm.eu.criteo.net
csync.loopme.me
d.adroll.com
d2s3kjdp77ms5k.cloudfront.net
d31qbv1cthcecs.cloudfront.net
d3l320urli0p1u.cloudfront.net.
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
dashboard.insticator.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
foxnewsplayer-a.akamaihd.net
g2.gumgum.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
global.fncstatic.com
go.automatad.com
green.erne.co
gum.criteo.com
h99w9l39sa.execute-api.us-east-1.amazonaws.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
i.e-planning.net
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
ins.connatix.com
insticator-d.openx.net
insticator.technoratimedia.com
js.cookieless-data.com
jsc.mgid.com
l3.aaxads.com
liftable-bq-streamer.appspot.com
lit.connatix.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
partplanes.com
pbs.twimg.com
pix.eu.criteo.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
product.instiengage.com
protected-by.clarium.io
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
rtb.fr.eu.criteo.com
rtb.gumgum.com
rtb.nl.eu.criteo.com
rtb.openx.net
rules.quantcount.com
run.crtx.info
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s.e-planning.net
s.go-mpulse.net
s.tribalfusion.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
s3.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
soapps.net
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.foxnews.com
static.hunchme.com
static.instiengage.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.e-planning.net
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.tidaltv.com
syndication.twitter.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
telemetries.jeeng.com
time.akamai.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.revcontent.com
u-ams02.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
users.api.jeeng.com
vid.connatix.com
video.foxnews.com
video.twimg.com
visitor.fiftyt.com
vod.foxnews.com
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.westernjournal.com
x.bidswitch.net
yeet.revcontent.com
dashboard.insticator.com
imasdk.googleapis.com
104.17.120.107
104.19.135.78
104.19.136.78
104.244.42.136
104.244.43.131
132.226.41.106
138.201.8.249
141.226.228.48
141.95.171.142
141.95.98.71
142.250.185.162
142.250.186.98
143.204.100.40
143.204.103.41
143.204.95.188
143.204.98.101
143.204.98.110
143.204.98.116
143.204.98.122
143.204.98.16
143.204.98.17
143.204.98.4
143.204.98.58
143.204.98.60
143.204.98.76
143.204.98.86
145.40.89.200
151.1.205.165
151.101.1.44
151.101.129.194
151.101.130.137
151.101.194.137
151.101.2.49
151.139.128.11
152.199.22.191
159.65.196.12
169.197.150.7
169.50.137.182
178.162.133.150
178.250.0.139
178.250.0.157
178.250.0.162
178.250.2.148
178.250.2.151
18.156.0.31
18.202.70.186
18.207.20.6
185.15.245.81
185.152.64.17
185.29.134.244
185.33.221.91
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.87
185.86.137.132
192.132.33.46
195.5.165.20
198.148.27.139
198.47.127.20
199.232.136.158
199.232.188.159
2.18.233.201
2001:678:cb4:bbbb::11
205.234.175.175
209.54.180.144
212.129.3.112
212.82.100.182
213.155.156.183
213.19.147.43
213.19.147.44
23.205.235.133
23.205.239.15
23.205.241.117
23.206.210.112
23.216.77.18
23.35.228.23
23.35.236.188
23.35.236.201
23.35.236.247
23.75.240.210
23.88.75.187
2600:1f16:bc:1202:2958:48a5:15cf:db06
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9
2600:9000:2156:1e00:e:6579:6f40:93a1
2600:9000:2156:2000:6:44e3:f8c0:93a1
2600:9000:2156:200:17:5bae:c7c0:93a1
2600:9000:2156:3000:10:3422:3f00:21
2600:9000:2156:6a00:1c:386f:ec80:21
2600:9000:2156:b000:d:99dd:3480:21
2600:9000:2156:c200:1b:5138:8a40:93a1
2600:9000:2156:ca00:1c:f0ba:c200:21
2600:9000:2156:d000:9:78a:e540:93a1
2600:9000:2156:fe00:14:248f:8500:93a1
2600:9000:224a:2400:8:48e:53c0:93a1
2602:803:c003:200::41
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1957
2606:4700:10::6816:39ae
2606:4700:10::6816:b7
2606:4700:10::ac43:a93
2606:4700:10::ac43:b63
2606:4700:20::681a:9a9
2606:4700:20::681a:bd1
2606:4700:4400::6812:230b
2606:4700::6811:180e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:22::14
2a00:1288:80:807::1
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2014
2a00:1450:4001:808::2003
2a00:1450:4001:809::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9c
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:26f0:3500:3::b818:4d15
2a02:26f0:3500:58c::2313
2a02:26f0:3500:696::2313
2a02:26f0:6c00:1b8::2313
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:299::2313
2a02:26f0:6c00:2b7::5fe
2a02:26f0:6c00::210:ba19
2a02:fa8:8806:13::1370
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3601:d804:38dc:9a29:ba55
3.121.27.153
3.124.7.106
3.132.38.126
3.210.171.28
3.217.122.222
3.228.116.73
3.64.102.19
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.120.247.19
34.149.20.76
34.252.92.160
34.254.143.3
34.95.69.49
34.98.64.218
35.157.1.22
35.173.74.115
35.201.96.126
35.201.96.133
35.227.248.159
35.227.252.103
35.244.174.68
35.71.131.137
37.157.3.28
37.252.173.22
38.27.122.126
46.105.202.126
46.137.148.84
46.249.52.248
5.161.47.120
5.178.65.246
5.178.65.253
51.210.112.63
51.89.9.253
52.209.153.41
52.209.163.249
52.213.35.75
52.215.230.177
52.216.112.245
52.218.169.136
52.22.207.129
52.51.108.222
52.54.238.249
52.55.141.237
52.57.222.106
52.95.119.178
54.179.155.135
54.195.231.245
54.227.164.149
54.236.193.228
54.76.30.252
54.85.127.29
54.93.71.13
63.34.67.128
66.155.71.150
66.155.71.25
67.202.105.23
69.173.144.138
69.173.144.165
69.173.151.100
69.192.160.219
72.251.241.204
72.251.249.14
75.2.13.80
77.243.60.138
79.125.99.212
8.2.110.165
85.114.159.93
0084661373648e13a89ffc56fbc501adb62524d9c85b0a3ed56e7ca809ebf0c6
015a582703634dee0147f435b56bcfc4923402892ab5e121dd628105cab106a6
030ba290b8dfcad619974df808d6aa3648e942a6ace49c43dbde16516ca57496
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cec1f5d6ddbd571ebcea93c0d7b118b301b5a90d0dd01cc0fc3ddfcc7c5463
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c6c069d5fdc30190dc60080cee03972d2d3bd56683dd9c9cdeec954f727c949
0c85f03ee7ffd8a409d628d4b368b63454b8f70fd43c2747f88f41df5dbc23f3
0cf8f5ca8242f65e69df8e8f68f1b25846c832f17b54e028e04ec24281ee65d6
0d3f3ec79819a57bd2a4f95fda2cd0dde2cd505eb76885af0ddfd8b9a521eef0
0d94c6ca41ca0297b5db7bf3e86df8e667dfaaa28306512ee47f5321cbdfccfb
0e5fd01905cff04c4495f44712d6538c2ddeb43b72f3f907230164568a30ffd7
107efb180fdc839cd0c0d138c64525679bfe24d23a45dfe2d707a3d9ec03ed16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12c71ec7bc2266e6e5ec17e49630fc4d640653d5434f9d0ff5f15db1709dbf23
1302a3f8cf9623bca8226d053597fc10a10919409211f9959998a1828632cf53
1390dcd6713cd7195838917a3fc08f728ef0915a5a925c8b3bb2e29a99813eed
1395b6de5c646b588c90c818be678f6722d18ade05957ed95f2595ed1f85ee67
13f7a0a2e608a1bba799dac829a71aa2be5a7a49ee45b7d3f5e9c8ca65ea99d7
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1555c077f9ff6bd1ed77ca5d642dac9424091999f4ee1835133ce2a0f34631ff
1798f0a9d19308f6ccf1923ccd7377652467fc81bad168a528a9ca043f5b16f1
17deb6e732f2018ebd4c78f5ec12c468c697ffc43ab3407a3d470d4e1121de0d
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
184f7dfa6aa53dd1c2206d76053792666041e2aff178ec03c279322f7e30fea9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a8f038139aafdb6514f2fbc2281dabf4a9fd7755e346da477c2ff9faa3715ef
1b67d9c5c42d9a52085758447dde784ae495c885bb7ec9c7664e3c143f20e490
1cbfbb0da199fb4d9cc80e193b02480a6e5ef62577eefb68861c74a7909ccc2a
1e1dce61ef40c2919dfa51bef5f7593ef0ae8c2f80fd15408cd107952b25b567
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
21f6baf6f437f5ae0d94897041095becbd1c836b75f5111bd2c2c620f8a4d6b7
22746e68f45d764aaa3b9ed615c74a18de62f6a809725c9755010dddb56df931
22a8d2518f55a68cee1c79a8e84f391de7f2514d89f07745870bb5202aa63a75
2323bf25cbfed2f1982e739f61ae5a645e288413119668c8b3fb430c73f01e6e
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
2411c793f521e4b4549af40a97c9ad3bbe3cca8c2013b7f8ffdd5342b89c070c
24951b307c0af85dcdf2e73cb4ba54a82083373ed18081cc400f81105d2325fb
26946852fe38cd34ff4e70cac90f08e721f88421433cdc8e39fcf0e0486b4ba9
26f7affdd3cdcb2a9a3ed9b935009b5b3b9c610ab5800a3f2554341e4143dd36
287d6c6ff4477ced7bd93cd1daf4cbd0dd741c0d1da858d0b7c9f074259f5570
2a536619d5ea5e13d08259acd4e46d5e829f8e2e3935b0d9003b9b36d1589725
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae3bf4ec20c5838557667f965a6bdfdaaa8477a296ea7eb24ec725005e6afa7
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8
2b295f964916143b317c6fc3979c9135ed238a63e71fb52f0c37acf3753d3781
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2bd95507dffd55a1bc592eea6df5067891d1de88d52afe69c95277b167eca7e0
2c7874efa20417987a537851b559c58d8490a4cb3079d8bb92333672ab40cb7d
2c8cde1232c78b6613b64b02975acdd400e374e44bc4fe231a1a60d07fbcdf06
2db88419ac5d17f3c4fe02a3c6d5521f2552bd1edb9b3775433e4d3b81cc96b2
2dd03edf39ceb2293a5942ee1925932d1efc47ac74080ca2e2ddd0fd2d35741c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eaa5b6616bf2c7233c3e82961a03defbef0207f35285b195b26e90f46242506
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb56c5cfd1409d24fe21b0ec48ea505159c128b0e155f283fc632818b621869
2fdb53df4e402567f5003ae3b5f30885f26c1702849e6f813f531de975dc0180
2ff7aa968d0a73bed3a005cce5f879c67967ea06f7daa04e8de3942b186f74cd
30d051b67fd0a433d2d5514fc80699da04d78f61bf29728716d7c5ef52dcaf0a
31b8841f45f209e9353685457600eec05a1657e89641cd8e9d9e483a357ff26c
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
32d1c316765881cc94ccbe2ea9d19cab52f1282a814e67249315de45566e9ac8
3416c3e86558ee22c377fa8021fbaf90cb6859e423c7b73182a8caecb5c83ac0
34a3b7e4656324ab31c51879f31cf69342eb5363c2c029a8a25dc641b8b6d281
35cde474cfe63eec00ec7ad0ea7afc9959eebe8a6d84b35511079964ce149ddb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
37c86764f33e1f10ddc13e7a5d0e82918084822ec862e8bb5d9451cc36323c1e
3b01ccdac1b172c5266f557ae5601f5e600fef7bffd94c02a794b7c9903b1671
3b12a065888b59148f1fc166020aa2f689d4ce6f1764c9cb917d7c5fc1170d80
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8
3e2e45442533683ca47cac19e522a7f9b95effc7a6251c0a6b1231d8b7c2a854
3e970dfa8dd32731a548479e02ce936b96864633f9cc2272c50cd952a2c254c3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e96d7634ea6db5e2e5a9a3e116c51893ab48b544b217cba7827511a42efc6d
4182666b867c3a3a51a46d83c47655c8b6371ac57666a87d998e06bf4387771b
41f64ed4dae4ed5a43f286576fe8f0c483faaec3adb7758cbaa80b761e26f68b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
439f25cc4930bea9d7fc5f138a4922527b246f281128f616a45483298e50ae1a
43f89f7fc4aabb3e5fe28b7c5ad63d387be7b1312833b8e59586a34dbe23c995
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4446f3bf104d48208e1daf254a70245ab4c79ee90b9d471002166fe74c68e933
44dbacdca61267c79516e07f1705ebb36e1778f878d14fb3c0c71847cf15c37e
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34
45f9639c4d344af259aebcc457aaf2b825727820d81c7db3808129148684cd56
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4
46fa1f76e8f2cfbebfe8c5aa8737520b896e1ea07f01e5e2277931d8bfac0304
47324606dcc35439ab3da6273da4942b0961bc1e522f7f51c4269b4f75858062
4788d71adb2cf6e85caf38fbc761e189b0f0f462f0b597308bb4c7e1d112b900
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49bf7ca24faa57eb3661e6934fb19fb17b2ef808ee65c65cfbb9c76184564710
4a225a6ea939f38eb6bcdbde85e588b4a04096b2d0c7fd9199a965cd2d9af140
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b2afecf587c031ea8cef56f84458c7674a3611df6cb7de095757054afe7bc69
4b9ee22202c3e2f652fa65794bed73503d2534168e813e0c54a88d293f10c94e
4ba1bcaf0a4027f973e0643a588c4be129efa41cf3ba75e3ee3ed5f151d7fd76
4c1ceb6b1a57770ec0af337d9edc9e4a3b65d7d3773f410226790b332cbb2b2a
4c90b1c69476f2db6294323a60dd7cc36da501c7f60dad9a97990babfb87ef6c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd
4ed40f0772bfe4113e2525eaceeac729a2402eadd619a1a29332d5850be57de3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f62d0f0a54abb58296eb05bb7d2d87340d9ba63fdf826e2a9cf391bc7770437
4f964a885c549b6269899535f5d6a644726ce1f9963e551575089891b72133f4
4fe8ed02184e61ac93a668fe114ab2bf01851b3c2beecd497ac0a43996f066bc
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
51231af79e3740fe49b116d4cef74cdfe64aa23911dbe2c35d8f63f7f73e0be6
5264809f3c74ef6f5ab5f0253eab6911fefb461b983c67a5d8bc261eb15fa156
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
52c19e156be623c2b03edbf619561b9ce54fef7186e33dc7152bb17b7cc2f1ec
532da24c7bad7bcdde437a34f03a4866059925aeefac6908a2043edeef21df9c
532ff8614e981dcd81b21a9efb5347629e81c290f4d4e2cd0da93b0763b4e549
53d97be0bf778f689b2557478041feb82ca07f46e789639bb1032a6e64b927f0
54ceddfe3867f2a83d882ad540709b2c2a2ef565f8f3e9f6404454ca62e9d246
54f78fe5c2049ab339d5e71ab4e146891aa95b4c89afab213bfa76be801d865e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57160113d844b3513c94322875b5efa92f1ac34541066bb84628d1d13074518f
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e
5743da1c5df75bcf9c6d7f48b2f1c798652ee675e433a7b5f4af269a924c3fb9
57cdb00e25a93bb85f6abdedfd0d040d7d9758c2ad9b40a8eceedca009468891
57effcfd85a27eaa64041ce7685aa6f916bfa72da741d9d7fcc2fc5d7fd403fc
5a6e75d35d7449b48533305b1d3c0e2b779a91c2334abb413ee55d476b02316c
5aadd5c7dd3cb6b86fa700fd7cd8d9360457741b1cea334fff4e331e49f2cfb6
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c10294759361db406bc439858fda55836039fcdafc10f1d14030ca6ad4c8cab
5ce412cda2cd796180236db560424758fb02c344578b61c6e4be95a11366a47f
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5dda812a740330e433a068a9b9f612408b59fae77134374987757b9e01d7d3a4
5de1d1b3bb2946f6e2a697ff3c94d88f9bc4622c34cb7945ff348314fe703c0f
5e47aec83e2829920e84c224a1806fe54122b276714a0f121292a2fd57de4718
5e794d4a1df5f1c1035c15d1f24e115f9fdab9be376f12754239b981f61bf887
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f996e2a45cd1f5ac1d96ccc8f21ad589a8b0bbb37750f457c40c26e5c8c4248
6080df858f81b0a3c906ebc8097088f92bd4d5b67b7da878b1d6a33b0fe4a397
609cd529b1a107a0caf552873c476860dbe349814ea8cf77d42252ada08f1427
613f93a1059ccceabc8993e03c101327dfc2ac326beab24265590884aff70b84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62225a936cd460edc9967db0a7909d1f65c3a4a2bab80814901d7dc7dccb0db9
6264e6620ba1cf0e75686f823117f332c3c165341f76eeb220eb116ec8f98808
62800ccdbac18a0811f3ab41eafccfba4b46b1ee2a4c39e14d60d7b508014105
628e7e18f1863e6a8b9f08c6676fecd8a8e9105bee25cef8e0972d4448be5a26
62b994e83624d746da4862895d63dd1fda14d7e851270b153f5335a9b74e17ff
6383b9928aad6d49105da8696262ef78f70a9e0bb469396bdaf90361e58078e6
6386ea013071217755d9a338da272ee8412ee5f89bc901fbb84d5ce774250b67
64258efa2519147855e507870ae1bf845fec24cc98767fa08652c541744c4f00
64c9643eb0abaefbd603f4f5115b09882c7fe3979cf51aaec99557ec09ac8753
661b47b1393b43fa76b501a82b7a77acfdda73961ff2172c0176ccec572f31d2
66209bec2d6a6e5ff98435e03508825e6e50015917ac83302f4b438603d33476
6658f4aef05836b69ee100eb23700e2e03117774706b694b6a296f1129c71882
66c207905f09165dabe9c7913f5cf3540c0e02adbacd0b1c65ef1be3b20b5745
688eaa3823b4b7980867392aca198c45fa64bcffb06a3ff279f366f0e66c5789
6923042b81eb27352d3150b07fc588b5dbff1a2734bf26daee080111dd075e9a
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69dfa672cb84dab2345cb446072d31d4658de2427393bd3e2cb79410f6c71dd7
6ab3db63edd88181abfcc082d9c35fde0322f12c4a05bfd56a6a2a8b5275ee7e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dfbbaaec8c97d04a6d789832533eba4decdabc21dd2c99a2294229a15be9bcd
6e2288265e601a8f975bbac243c8463fe639ef4fc7f1562147431f289550e899
6f4a40d05f513289ed506248e6f7f65561ea2f8424899a218701fee810c62941
700f4e0b9d4149294206ee21a6f78597fc83b0f56988d4d10c85a8976f7fae71
70bb11662604b3fce7985f117170c0948ef581759c41e8b4f3214a02db887945
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
70e655d417518e626f55217b96fb61339e66460f196d7c999e968f085416361f
70f4d15966c515898f738808857b88916701771db963b82919260bea2b14f80e
71dea17a3db76d8ec32cf1a0cade1c392119ae7459a880aae1fa78bb8f22b992
71eb79f43875ee192ac190979a2a3bfab225f89ac544d048f767c1b5f5c55f27
71fc4aeb6cac3b9a2b29cbc283f9897dcb8d4690f8118e798e1df6d07338d6af
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
735f1abaa77b0fb510261c9e7aa05ad695af92b888f85b6604f44d8653ce79dd
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b3510b4315f2f3218db3084cd5896dc3adbf1fa4d0db4e5a6bb6705e2743f7
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18
7837ff7ec4d79e3d73a28979862b0f5b277ffb55d97df3d7ce9549677143a0eb
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a4645fb7bd66c6fa3088677ee1a517deea83df27006a147e3dcd64387761ba1
7db3c949b635adbb4d643393b77c0cf0f5cc12c5ea71a9d52b1d779f99d9ee70
7e1b3b23b467b904957d0a6345d3cb48082e65ed4d26a716bb1f3a91e2606596
7e312900eab0a2e3a2208834b586ba29e4ba07661940b8321ada34659b817b8d
7f2eb2a201b5176b9b91d468c909cccbc8e7bac60742d8483eb5da5a95e80e2b
7f34705442a3c560a451fbb5aa9ed4e837566951dc8ed8a028e6cfa35d0a8367
7f59f56f029391f1d09f1e62f99e526d0a1b6cdd209bd7b7f3b387d69e7a2aea
8268b1ab77cdb2423bff8159405190e4c8db1a55287f20d4157bb42a99503e1c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846339e8fd4f5615b523b1b65423fa2cee96e43d63398c9e2470b4160129723e
8478fad0641bb92a6a8a4a8e3189a40120a94f9038c6c393bbde1d7cd2558c3e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862c9e3fe674d312ba141089b4e8adc455ba2f60f52436c3ad1a709481e8ce65
862d3ac7791eec8afcc2bdefc56b64a398d993475a30778ad649113c6abe92f0
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8717d1b4663b3365bf17c1b34ad380781c25a90cce2e819ff91857236ccd4c9c
87ecdaf28a0e9098a1bef87df9abb1c1324d1f81baa7b4a6ef7a608d2c7b8ae4
88d775a95cd0d49c6c4e5c3d7d1b442bd055e01cc38504b4b793a6e46890b21d
88fdbde568bd019ff9178056845f4d01cea311a8a33270a10cadb00a786bc8ec
8910840dd5782d5f300f94678e29aaa54d2ab4dbc4376e0baa79ab1a7213cb48
8993847fc5ab8598921a6022687d68c0efd65ba5e26f8b970ad2b83466edce8f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8bfdf79d9dcc07585ff31f266d0725a9108122726ce789c7997d2d301a3257df
8c2ab324a7ae790a41f540126678d783806829f0107c58c11ce5ab74a8a58eff
8c538e56c50a40eff2cd74c976926806f9b1579569abd6b4cb6f3f503deb530f
8ceb50d8f86029f76e351eeee3967a64af4431a1138bccab062abe9e143c6829
8ceca0c3e2a9d9e54953aff6d1694bfcef913cd1e8c230236e360f540b6ca655
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e61740534a2e504dc51482175d5c9c75e219d1a0f48ca6af3fefe9e0d0bdb8d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ed1be6f37ce9e10052136a3a8836f24158c0463aee6f751b39e67d22a89e630
8f45fbba45c3a729e1899b6be117b415c87b28057586cb92001d45fc11c08c94
9005d9e2fc2b5a7516b6756d055972ffc7134d17084d99457b9590567c4fc330
9023ee9607ec74dd7b47a95a43cf6fba4647e61d5a9026e02b3c63fec8ed9f47
90351973fcc85abfc1ccf1a58411ed5721478be4c3f954a5e5bdfa716b5a87fd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931750573d4728b1437a7a6769a62596c3f1f011554e2e3f401c7dfd9fb18d16
93ecbab5e299010bc35d9f6fc053bda0cb49c4ddc17c94580dfbb363026e9ffc
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
954bbd3f40768c6f1ff787924ad7249aba7173e7cde1d893e93c0dafde73e780
955d52cc72ac23b29b663e4715261280ad75e64febb8b61dada05e08232de2a6
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9621992c0df2048c8da0de19be2d8343de514dae4aabe63b753bcc916a94b547
963fb8460c0f17482a0d778c2711e21b8761f4a368ce86af35ba1b27d5df92b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a020e32827b85d1ba97161ddb9134bcbd7ebd16322fe65d27679452057d506f
9a288c93b1defbbbf5cd22f141fc2898e38edcd5c222b2c326ddc49aa67bae04
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04
9bf63efa2d77c2328eac9cc2515a27ea20e4dc02be884bf7b3a6394246eee27e
9c6d61841eb52ea462c92c3d06218874543ef119ccb7e3b43c93e84f0ad9c02e
9cd16507a881df835e6c322aa8883c5ae1b1b2ebc10bde5a3c54c008c71abbdf
9d038ff4ae7058861eedf4bf0230a0e5602c4d1a1c78e3eab15ffe2ae7670e82
9d170c118836677fb2af57bb0bbf7f3ed11de3258b6586b9a3b695943ea1c2ef
9e0fa38a4164a17e5edf089c6a218aae1e40770c759050eae1cf8402d9275bcc
9e61f672ed52a7160304b809cb2f04be4bcdb5f18039daaa1f48a8b224475bd4
9f52456b12e2bde44ef92e5c17a113e3e3075a1e4977e97f41ea77061871d03c
a005359cd3fe7e4cdad88e725b464fc499b5edab12532c3732b51cedd137e66e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1050caf354a85c273a42414764560ed7f63df48f3c72b769e0c4f2bffe4398a
a181be9c7290ea6dc53f4d7c450519c5928b0aa685bcd30436dc5bcf1713f977
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2244f2f39b38ed2ffbe0d88584c6681e464247e1bcc85bb5cfa553ed409e5bb
a24222be11d1521cb0a1901a821cc7616256257939ec1eba3445a891e90a8a5f
a2554157c56a548594be0c185bb175e55d1833474221aa7c3b0d44fed2bf9027
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3508c11d37cd025a4f70a9ced5e095e5a74d4600b11ef201332d5a5583ecc8f
a367ee81a8487c2297c3183c14a48a938f9a84ac6ff25f30b5613bbc2e7dc220
a3bd5bea68be00668989516cf333d2640354ba56fc05a68214ec5e6907e4658b
a3f00dd1a2a1a327a70916b978d0f13c9710341497d70e8ac8203727ca886367
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52980b2600d3d00735350c0f73b766194f8a5d98a8a67b7ba5295026439e56d
a54c284f86836501aa243b5bd578df6ca8f05bc65fae0210f249189989adef22
a6190e827506148090c19c2cd5bee26dddac06cf88cabb0c629d246954403877
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72ceeea0850d2a69bbaa8cd5b8eb4e662e6769cfaf71b1bb99c82d2aef77062
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a750b7acd808f5d63e7904cb75ef2f2011a999a868cb7592145158563b6fd1c3
a86a71b2f97e8da3c68fc6a1c8727b7bd441808ced5916b2482b4177c5843dff
a8d954805d2f201457ff80369efba6555678a0049f0da5156e12f940c440778e
a9180d4efbd2cc9bb1df5d3a43ddaabbe126beaa39e7c22e552487133bfc4fc2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab5e49c237e801fd943499dfd78dd7408287941020fba9b13cd23212ce908f85
ab8ea95a15308bf6f93bc0ff03988c286e6d8cce8b110748314abcbf1fa49938
ac137d115cba22259aaad737fb6d729b60cff187619dcc4242ed6e5521cc9556
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae0c46f3225071421afccf843d9475422cf405668c69fb3e4e40ff57ae9e165f
ae64c4fccf5c2dec69bcfa480b61f7a4b38af9c9effe8de5a86bd000ea88c74b
ae9199ddd05bc048e061634ce59a3c38c0698dac83e1e8500d382b898d2909ed
aed7bdfe3ab9dcc3c6083da7535d761af18e19f07582bb6f9d9258440fa056db
afb3ada963db430016044a2ed9373879b6b66f3909efe89bd5d0fa393dce144b
b00bf33297ea9cacd6f7755fb85d426cb82c86c283c667a5c8b95f8d4812a22f
b00d20815da2ed22c6e3a4b6e620c61dd7d021ea1e4b7ab4f1c8aa1eb0b45894
b04942d2dc530880303356e29c1849438b007313759ae4d0dbb39fca3005ec35
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b41a17e937ad1280edb17ba6dc49ed70676cccdab3be42cf183b51b8287aff5e
b450786fda74bfcee3cfca92b6bfaf9729e9edaa544ba5227eee76a0a6cf504d
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b57305f6f6e2b211af6c4d6a073d3f2eddb50805b33f9a0c3323a36bff0c69d6
b5ab30288f804ea0ac64ca243145f49feca301b0d2a8a3ca7dd3ed85bdd2e4f8
b6307d61708368ef2e357eb4c12df2bd9e8063336fe4e38da0a3b47e0141764e
b7645547953b705cc8ce18203032546158063657a0bd8d256f82d4d91b4541ef
b8ac424ddb4951f630d83dec2f6f214cb38dc44376b930f6e0a101c7b904df7a
b976ed02a71725553a822a0d1417066208622a8419d5877e464ea23b462a7b21
b9a122e608ce504e809c0cd8c2cfcb147bf1c311bcf28c9a576f76e8f9567cfd
ba12455f8177931c03a52e0465a8564357da7efe6fa96c263b11aabc5c16f0ba
bb3e8a92ee4b87659bc5cf4b6acb66f72b854337fbbe60802dfd4e6d55ae8642
bb58c6d3a02dd8042a7329d9b97909db57995538bd695d84694633e027fd1ffb
bc289123775a6c62fbe4fad0e619f6a2090ece2b82bf7bc43ee4674aedf06980
bd435703ebe3b096a5ccd9f00b349e94765945fafcbef21dfee57577aa1abe49
be36dfbf79459fb834d7660117f55a0dc5dd29ee4e9c3d775dd8e5c78b05b578
c05140f2f6ec553e0ae382190131b3d650eef7afc4f0e8839d710d15a431d57f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e8c7ffd18fee1a209683f34a9c118ae8689ae2f36c0da3c99376637d605a14
c4feb9bb4d0d5e22257b1c47a2b663f402f40fbc8ef314a40db7b6f49647ea52
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c74f2ba0a2c851e1b867152898803065e070fed1fda88cbdc3acd6842e368bfd
c763f9182f048caaaa5ae766fea3cacaf8a8b68af18242da389903e050cc3ee9
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c84ec5e2aa9784303ce0e56edeb3379fdc67bd2eee5bdd86fa71fca694c91d54
c8ea83a252003ab0baa8fb4a323192cd71849dc6362dd2bc532a31c9ffb2c94a
c8f3c3fdf4e51cef18bad6854ee5797ad671a8222f40e0ee1c1ecc7d4046086b
ca534cf2ba32bb9ae097ac3c94721241f7e96c6b8121b8ada67a393f192d7420
ca5ba8ef6f450601e92086cf31df10afdec489565691d33254c0ded1bfafddf3
cc31f3472bf312cb0d1e8e67a5d29864ac1400e83697dba0d5c7abb6a9d6895a
cdd3dde0a9c166cfaf38a9bbdd5210336cae8f7ecb0eae038d2f03ebac1c757a
ce11084a8ef0ecd25054eeca104c73441c66e8fc09c1bbc4b61bd8f1457f83d9
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f3e01f5c6b35ee75f07456af79f93e9477f1d0e167a6d82b11995a9967506c
d18855381c9003e6daeb03a74afca308861aa0f1000ae7c98b8b8cb622d57af5
d1a9c14c4578ecf85dcc7703f9b9336627e59f33e681b4da95fcaba7371dc5d1
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d342be7b065b36dd1e6856bcf5a432b5d2c277d27555391ddefbf1df3edb0fc4
d3e11d117b4e1bf26fb8b03488c62379c46c25ecae8d73279701de0fb63f2201
d57390a8a6e2c8a9651424f56260be94025551dc357b31a57c525a194aba327c
d5971f631d8c4068fb7c19eccc9d738ef13785a1fe5c22184a394b5bf5f5130c
d71e8cbdb53102b681f51bb059059ea3eb93148b75426a076f6c9206620b1008
d7a1e8910018f300119e7c590eb46936de73d05ad3dfa1d5e0d070057615fa03
d8b69648b96cfb7a9d0ceb6f650c0215466c91ed4f52e270574ca622b099c113
d8d26986018cd62496d1071f0f70b61a92574a009ce90c360ef3c36a4a2b6055
daeb7eb5e28b2e9fa737f3b056309aadb697d3643bc45dfacce761ec79a5212e
daf028afc101da7201cb211f9786b6a36f6bf60ad836dfe991306140efca2432
db1c0f6df7c5e6fc42335430683a71e28f19c39edeaa60449bf5e0425c4ba963
dbb4d195a3d11fd3d83c816a7bc07a3a81700c5b3aabc72e18a1193e8e8e2473
dc44e20529bdeea0cd55ac9fe85b6a6bc91ae3b6198ed6451c62c200a026fc23
dcb33771d5d75a3e6bc8ea05e903ea0bf2a76c143cc75563677b5b173d37efc2
de088236d4b4043c0ae5dfb65f856b1ed6c81bcfba89513d8c38d105a0e8a416
de356c973c732d66a8c15b9822c944ba53a00edd380d6fc00822cc687ec0f46e
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6
df1bfdeb4012eb958a83f652311e16d8f2e1a20a59b47eef7994078fa8ed5218
df79fd46e22e37c39e019c01efef8136306f14ebd17bb4e780fa0ae2d96fbd6f
dff02e9bdfe4118493203d95ae6b0bbaa9f21dae437073fa2ddd6222758f3a8e
e0c17714481585743b5f37cd468ed3c166bb9e05afbb9511c68e4c7e0da28225
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1bb303d2386562a7588d74570ff7f09e5899c737d88ac7a35eb4bfe35ae7308
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e3a4032a23d7f94be7a6b3199fc6e227d8933d280fc0d3d3d842117a61a7dc94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e536a58c0be3a8f3982ff9dab8b014f48458b9a41757619207be685f0125e4c1
e541a26245742f30823b106a8f76c333d92d551c598abcbd6f26acaee47ef9b5
e59b06972fa5e7cdb4ac416c049d051fd6fbeafe1b8d80ef52e147faac27e1ce
e7d27dadae14b5445558f69d65d7412403de70d0d332bd9ab77fc0aacd14cecf
e8188610943da4524df3f356b04e47827a5e62a7955c97a8d3319ea75279d652
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9d642fa3d01df57972136c2a3eb324182be6dc1aa6f60a48e77ee2e3e0326ec
ea0524eba5a389e45372aa903af8dc34d7a8f45081c422ca539b87f9e0c2d414
ea5099c19ead4628998b9dc17fd3372e72df560835673967a2f6a6ed70f987ab
eb2fe08323438721a24bd253e0505f00d59ccadd98835ec86354ecb532ee2b01
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ebfc869b9fe3c325607c7af860dead0b8f180c2c1aa61166190424d150ee9850
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec4cd1009be8e7307139487fa61b45497d5113f48f422613175ef82307339b34
ee06fd6c282a16aaf8b6e3a755fea755721f70bab3b9bd4ec112ba9518045a4f
ee9f8931bc4c10cfa932c454a933726cdff32ad5c18a2f31c5e8c38bd2222f64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9a58587804b0a7374c553e4ad630e598458f09b9b4115e08fea883620e27a9
efb5f176b50a38ec4bb8b59d76e6f0bc7935777109b5310fd206d9ad087c8520
f317add750ddd447d1ce8af46bf6c7be72e20dc7b62bab2e6ebe76c49be28298
f327e8e028da55ad4df0d30795f565a5929c85f1a5a4e4a53f3b1187c696d88c
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c67c01b05d541f5778500ab3ae4fd788ca4b239e83fa664fd6d0d5d9cae794
f75e1bbca672b869ac0799c300c0901f0bf6e4f53c32c20387179563b848bf7f
f7dbff50f7523121a306802523d3dbdcec6884e12a73780388f0313233e098f5
f8d81edaa4c014ac0ae8d5fccd1dca29e79da33e4bf9d1941c6ee892b0026a93
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fc8334fa6b3770cf65fed03981f95bdc979dc85be546abda72c6fd59df07e22a
fd0634b526e2755e69332ebf1530e92c0ede57784a3d771e1cc7425cab479e60
fd6dc996ed0d5abb8476f977c88ff411f2dcf205d0cb79a5e07328d7fe079c7e
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fea216874f9857383d94b69257e9d95b9795a0378de8794b47e6dffa0e60c3f6
ff83ca68a7d845ff5f72d9cd34f6249666520c52a847cdc6dfe766f1e93d2a04