storyconsole.dallasobserver.com Open in urlscan Pro
2606:4700:20::ac43:45d9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://storyconsole.dallasobserver.com/sc/altai-balance-review
Submission: On February 10 via manual (February 10th 2022, 7:22:24 am UTC) from US — Scanned from DE

Summary HTTP 163 Redirects Links 68 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 39 domains to perform 163 HTTP transactions. The main IP is 2606:4700:20::ac43:45d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is storyconsole.dallasobserver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2022. Valid for: a year.

This is the only time storyconsole.dallasobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:20:... 2606:4700:20::ac43:45d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:c000:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.96.113 18.66.96.113	16509 (AMAZON-02) (AMAZON-02)
1 2	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	108.157.4.57 108.157.4.57	16509 (AMAZON-02) (AMAZON-02)
1	2.21.141.148 2.21.141.148	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
1	52.41.136.243 52.41.136.243	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:fc00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225f:e800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:858	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	52.21.62.223 52.21.62.223	14618 (AMAZON-AES) (AMAZON-AES)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
8	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	44.230.193.23 44.230.193.23	16509 (AMAZON-02) (AMAZON-02)
1	44.233.217.175 44.233.217.175	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
2 9	44.240.108.244 44.240.108.244	16509 (AMAZON-02) (AMAZON-02)
2 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 13	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	54.77.200.211 54.77.200.211	16509 (AMAZON-02) (AMAZON-02)
1 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	54.77.5.134 54.77.5.134	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	44.237.47.166 44.237.47.166	16509 (AMAZON-02) (AMAZON-02)
1	35.166.104.223 35.166.104.223	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3 5	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:c37d:a00d:6a82:4432	16509 (AMAZON-02) (AMAZON-02)
1 1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	54.164.46.147 54.164.46.147	14618 (AMAZON-AES) (AMAZON-AES)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.36 143.204.98.36	16509 (AMAZON-02) (AMAZON-02)
1	52.25.233.186 52.25.233.186	16509 (AMAZON-02) (AMAZON-02)
163	58

23 2606:4700:20::ac43:45d9 (United States)

ASN13335 (CLOUDFLARENET, US)

storyconsole.dallasobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media1.dallasobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media2.dallasobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:c000:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-96-113.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-57.dus51.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.136.243 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-136-243.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:fc00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:e800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:858 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.62.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-62-223.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.230.193.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-193-23.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.217.175 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-217-175.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.45 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 44.240.108.244 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-108-244.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.200.211 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-200-211.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.5.134 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-5-134.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.47.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-47-166.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.104.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-104-223.us-west-2.compute.amazonaws.com

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.29.65 (Milan, Italy) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:c37d:a00d:6a82:4432 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.164.46.147 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-46-147.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-36.fra50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.233.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-233-186.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	dallasobserver.com storyconsole.dallasobserver.com media1.dallasobserver.com — Cisco Umbrella Rank: 509708 media2.dallasobserver.com — Cisco Umbrella Rank: 419652	3 MB
22	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	192 KB
20	googlesyndication.com 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	99 KB
15	adnxs.com 2 redirects acdn.adnxs.com — Cisco Umbrella Rank: 547 ib.adnxs.com — Cisco Umbrella Rank: 210 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8431 cdn.adnxs.com — Cisco Umbrella Rank: 1304 secure.adnxs.com — Cisco Umbrella Rank: 350	108 KB
13	ad.gt 2 redirects a.ad.gt — Cisco Umbrella Rank: 4375 p.ad.gt — Cisco Umbrella Rank: 4910 ids.ad.gt — Cisco Umbrella Rank: 3929 pixels.ad.gt — Cisco Umbrella Rank: 4858 seg.ad.gt — Cisco Umbrella Rank: 10055	17 KB
9	google.com apis.google.com — Cisco Umbrella Rank: 86 accounts.google.com — Cisco Umbrella Rank: 62 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	59 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 854 q.stripe.com — Cisco Umbrella Rank: 5951 m.stripe.com — Cisco Umbrella Rank: 828	69 KB
7	gstatic.com fonts.gstatic.com ssl.gstatic.com	207 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	180 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	562 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	285 KB
5	pelcro.com js.pelcro.com — Cisco Umbrella Rank: 70555 www.pelcro.com — Cisco Umbrella Rank: 70922	174 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	22 KB
4	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4223 psp.pushnami.com — Cisco Umbrella Rank: 15025	63 KB
4	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1475 match.adsrvr.org — Cisco Umbrella Rank: 295 insight.adsrvr.org — Cisco Umbrella Rank: 607	6 KB
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 752 image6.pubmatic.com — Cisco Umbrella Rank: 582	1 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	133 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 913	16 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 653 r.turn.com — Cisco Umbrella Rank: 2694	869 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 444	1 KB
2	rubiconproject.com 1 redirects token.rubiconproject.com — Cisco Umbrella Rank: 593 pixel.rubiconproject.com — Cisco Umbrella Rank: 288	677 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 187	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6342 adservice.google.de — Cisco Umbrella Rank: 9027	1 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 723	140 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829 pixel.quantserve.com — Cisco Umbrella Rank: 374	10 KB
2	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3152 cds.connatix.com — Cisco Umbrella Rank: 3185	238 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	9 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419	1 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	537 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2478	104 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	38 KB
1	openx.net u.openx.net — Cisco Umbrella Rank: 636	305 B
1	aufp.io aufp.io — Cisco Umbrella Rank: 5595	3 KB
1	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3431	85 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1099	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	603 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
163	39

	Domain	Requested by
20	storyconsole.dallasobserver.com	storyconsole.dallasobserver.com
13	cm.g.doubleclick.net	6 redirects storyconsole.dallasobserver.com googleads.g.doubleclick.net 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com tpc.googlesyndication.com storyconsole.dallasobserver.com googleads.g.doubleclick.net www.googletagservices.com
9	ids.ad.gt	2 redirects storyconsole.dallasobserver.com
8	fra1-ib.adnxs.com	storyconsole.dallasobserver.com cdn.adnxs.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com storyconsole.dallasobserver.com
6	fonts.gstatic.com	fonts.googleapis.com
5	s0.2mdn.net	storyconsole.dallasobserver.com s0.2mdn.net 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.facebook.com	js.pelcro.com storyconsole.dallasobserver.com
5	connect.facebook.net	storyconsole.dallasobserver.com connect.facebook.net
4	securepubads.g.doubleclick.net	1 redirects storyconsole.dallasobserver.com securepubads.g.doubleclick.net
4	www.google-analytics.com	storyconsole.dallasobserver.com www.google-analytics.com
3	q.stripe.com	storyconsole.dallasobserver.com
3	js.stripe.com	js.pelcro.com js.stripe.com
3	www.google.com	storyconsole.dallasobserver.com tpc.googlesyndication.com 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
3	accounts.google.com	apis.google.com storyconsole.dallasobserver.com ssl.gstatic.com
3	www.pelcro.com	js.pelcro.com
3	ib.adnxs.com	1 redirects acdn.adnxs.com googleads.g.doubleclick.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	psp.pushnami.com	js.pelcro.com
2	googleads4.g.doubleclick.net	storyconsole.dallasobserver.com
2	googleads.g.doubleclick.net	2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com storyconsole.dallasobserver.com
2	2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	match.prod.bidr.io	2 redirects
2	dpm.demdex.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cdn.adnxs.com	acdn.adnxs.com
2	sessions.bugsnag.com	js.pelcro.com
2	apis.google.com	storyconsole.dallasobserver.com apis.google.com
2	platform.twitter.com	storyconsole.dallasobserver.com platform.twitter.com
2	api.pushnami.com	storyconsole.dallasobserver.com api.pushnami.com
2	cdn.jsdelivr.net	storyconsole.dallasobserver.com
2	media2.dallasobserver.com	storyconsole.dallasobserver.com
2	js.pelcro.com	storyconsole.dallasobserver.com js.pelcro.com
1	m.stripe.com	m.stripe.network
1	insight.adsrvr.org	js.adsrvr.org
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
1	r.turn.com	2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	www.googletagservices.com	2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
1	u.openx.net	storyconsole.dallasobserver.com
1	seg.ad.gt	p.ad.gt
1	pixels.ad.gt	p.ad.gt
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	token.rubiconproject.com	storyconsole.dallasobserver.com
1	secure.adnxs.com	1 redirects
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	ssl.gstatic.com	accounts.google.com
1	crcdn01.adnxs-simple.com	acdn.adnxs.com
1	syndication.twitter.com	platform.twitter.com
1	pixel.quantserve.com	storyconsole.dallasobserver.com
1	www.google.de	storyconsole.dallasobserver.com
1	ping.chartbeat.net	storyconsole.dallasobserver.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	static.chartbeat.com	storyconsole.dallasobserver.com
1	a.ad.gt	storyconsole.dallasobserver.com
1	secure.quantserve.com	storyconsole.dallasobserver.com
1	acdn.adnxs.com	storyconsole.dallasobserver.com
1	cds.connatix.com	storyconsole.dallasobserver.com
1	cd.connatix.com	1 redirects
1	js.adsrvr.org	storyconsole.dallasobserver.com
1	media1.dallasobserver.com	storyconsole.dallasobserver.com
1	fonts.googleapis.com	storyconsole.dallasobserver.com
163	72

This site contains links to these domains. Also see Links.

Domain
www.dallasobserver.com
www.voicemediagroup.com
www.phoenixnewtimes.com
www.browardpalmbeach.com
www.miaminewtimes.com
www.westword.com
www.couponscaptain.com
thediabetesplans.com
media1.dallasobserver.com
media2.dallasobserver.com
voice-media-group.dcatalog.com
adindex.dallasobserver.com
www.facebook.com
www.instagram.com
twitter.com
publishwithfoundation.com

Subject Issuer	Validity	Valid
dallasobserver.com Cloudflare Inc ECC CA-3	`2022-01-05` - `2023-01-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.pelcro.com Amazon	`2021-12-13` - `2023-01-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-19` - `2022-02-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
pelcro.com Sectigo RSA Extended Validation Secure Server CA	`2020-02-25` - `2022-02-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
aufp.io Amazon	`2021-11-26` - `2022-12-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh

This page contains 18 frames:

Primary Page: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Frame ID: A08FBE50BC38AF0D3993E689EAFE08D3
Requests: 88 HTTP requests in this frame

Frame: https://cds.connatix.com/p/149482/connatix.playspace.dc.js
Frame ID: DF65B586C703800341EB8E202CF5CF58
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fstoryconsole.dallasobserver.com
Frame ID: 7BB17560146A31BCD5CD4BB9690DB93E
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E29BC3B48386F537D4C1CC0E9493CA48
Requests: 4 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKQDXyQBgAAAwDWAAUBCKn6kpAGENrwsPWEvJCqfRgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDC7gJYGOMNGQMNGSAJQ4La9ogFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIFBvBSmAHQD6ABhAeoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlh1ZignYScsIDI5Njg0ODQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgOTY0Njc1LCA-HAAwcicsIDM0MDc0NTA1NjY7APBpkgL5AyFLVXZBWkFpcHpONFlFT0MydmFJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx1QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRRVJqNFdZcjdEd1A5a0IFFTRBQUE4RF9nQWNQd092VQkUKEpnQ0FLQUNBTFVDASAIQUwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRNeE51QUR5eTJBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQR5UR2lGE5nRUFQRUUFGQUBIENJQmNRcHFRVQUOHEFBRHdQN0VGDQ0BEARCQh0_AHkVKAxBQUFOMigAAFouKACoNEFVQThBV1pwSkFJLUFXa2w3VUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWQFKCQEkS2dHQXJJR0pBawkQAQEAQh2rBEJrARIJAQBDHRhETGdHSmcuLpoCmQEhNGdfbXlnOv0BKEtIcldpQUVLQUF4CT4FAQA2MkkBEGtETExVEWEMRHdQMR1hAEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUR0Q8F5BLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV38gIRCgZBRFZfSUQSBzI5NmFDbPICEgoGQ1BHX0lEEggxNzA0Mzk5M_ICEQoFQ1AFFFw1MTg4MTUxM_ICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQACMJIJBDT0RFEhdUaGVfTW9ybmluZ19BZnRlcl9Qcm9tb_ICMAoIQ1BHCSYsJGRhbF9UaGVNb3JpASoJKVQwMjEwMjJfU2tpbl9ST1PyAicKB0NQCTIAHAEyBFNwAftgcnNoaXBfTG9jYWxfNTI2NTM08gIPCgVJTwG3CAY5NoEFGPICCwoHSU8JPEQA8gITCg9DVVNUT01fTU9ERUwBKhQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCfATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APJGeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEEAgAEAEY0A8ghAcoADAAOAK4BADABADIBADSBA45MDI3I0ZSQTE6NTMxNtoEAggB4AQB8ATgtr2iAYgFAZgFAKAF____________AcAFAMkFAKWeEPA_0gUJtdZo2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGBS4sAPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgH4tYF0gcNFXQBOAjaBwYJJ0TgBwDqBwIIAPAHi78BiggCEAA.&s=e7d0bfd90dd6929dce9c8bee725dce8ab1a7f058&bdref=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review,https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&
Frame ID: 953C8C9EC8C6F6D0084AE47EE3F2E53B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2EBA001BB7EF2821D444251C72D7A2E0
Requests: 12 HTTP requests in this frame

Frame: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 36B7B6BE994F6D6488CAA16ACD2DFB06
Requests: 1 HTTP requests in this frame

Frame: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4C56CB437D747A5500DCF5D912DE3DAA
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBCB4FAFC53A957C9D0C61D13CD51F62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 503727FB38C6EACD494F0165ECEAC307
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGPfn854BMAE&v=APEucNWo3IDL3-cPv8Tyo_lzQ0S6gouE18ytvpcM9pDSioeP2G_-myZZJM-NhwvPMvUVgOaup2kdV-Zy9lTPW12w4I-H1-rFgobJIAUwED1vGGn4T-YtiWsX7gb4b6R6Frcv5SqISJusMEap_6ZmxGW64nr2mCMlPGlJ1kHysiIwFi1HLxgqr0M
Frame ID: DDE0D767CF47363DC923A576905ECE7F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 848F4842F6A9FB5BF7A1FCDADECEE7D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 947A19ED94ED9C4B7A0B4A6678B9C58D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html
Frame ID: 367BF9EEED2982EC4D0404F6346148A7
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&upid=07ypglr&upv=1.1.0
Frame ID: 2F639EE852CCE150A84DF7E39A262638
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 76015331E4E47FA4E5D19C86665313FE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Frame ID: 23E3AA65931532FAA9674744D63BA65D
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FF3DA7620D2762DCE974CFB03B6D1B59
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Altai Balance Review: Customers Revealed Shocking Results

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

163
Requests

88 %
HTTPS

47 %
IPv6

39
Domains

72
Subdomains

58
IPs

7
Countries

4742 kB
Transfer

14775 kB
Size

64
Cookies

68 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dallasobserver.com/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/ArticleArchives?section=6202214
Title: News Archives

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/education-7019573
Title: Education

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/healthcare-7019711
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/politics-7019564
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/longform-6372618
Title: Longform

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038496
Title: Daily Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038506
Title: Weekly Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/restaurants
Title: Food & Drink

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/ArticleArchives?section=6202217
Title: Food & Drink Archives

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/openings-and-closings-7019647
Title: Openings and Closings

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/guide/dallas-restaurants
Title: Restaurant Guide

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/guide/top-100-dallas-restaurants
Title: Top 100 Restaurants 2022

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/guide/best-dallas-bars
Title: 100 Best Bars in DFW 2021

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038500
Title: Food & Drink Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/arts
Title: Arts & Culture

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/ArticleArchives?section=6202215
Title: Arts & Culture Archives

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/visual-art-7019713
Title: Visual Art

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/theater-6372723
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/MovieTimes
Title: Movie Times

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/things-to-do-7019621
Title: Things to Do

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/EventSearch?narrowByDate=today&sortType=date&v=g
Title: Calendar

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038494
Title: Arts & Culture Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/ArticleArchives?section=6202216
Title: Music Archives

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/concert-reviews-7019681
Title: Concert Reviews

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/EventSearch?eventSection=6468465&feature=Concert&sortType=date&v=g
Title: Concert Calendar

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038503
Title: Music Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about
Title: More

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/things-to-do
Title: Things to Do/Tickets

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/best-of
Title: Best of Dallas

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/dallas/SlideshowArchives
Title: Slideshows

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/promotions
Title: Promotions

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/topic/lists-7019660
Title: Lists

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/careers
Title: Observer Careers

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/advertise
Title: Local Advertising

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/flipbooks
Title: Flipbook Archives

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038505
Title: Things To Do Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038495
Title: Best Of Newsletter

Search URL Search Domain Scan URL

URL: https://www.voicemediagroup.com/
Title: Voice Media Group

Search URL Search Domain Scan URL

URL: https://www.phoenixnewtimes.com/
Title: Phoenix New Times

Search URL Search Domain Scan URL

URL: https://www.browardpalmbeach.com/
Title: New Times Broward-Palm Beach

Search URL Search Domain Scan URL

URL: https://www.miaminewtimes.com/
Title: Miami New Times

Search URL Search Domain Scan URL

URL: https://www.westword.com/
Title: Westword

Search URL Search Domain Scan URL

URL: https://www.couponscaptain.com/
Title: Coupons Captain

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/i-support
Title: Support Us

Search URL Search Domain Scan URL

URL: http://thediabetesplans.com/altai
Title: >>> [Maximum Discount] Click Here To Get Altai Balance From Its Official Website <<<

Search URL Search Domain Scan URL

URL: https://media1.dallasobserver.com/dal/imager/u/original/12524865/altaiinarticle1.jpg

Search URL Search Domain Scan URL

URL: https://thediabetesplans.com/
Title: diabetic diet

Search URL Search Domain Scan URL

URL: https://media2.dallasobserver.com/dal/imager/u/original/12524866/altaiinarticle2.jpg

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/contact?department=Retail+Advertising
Title: click here

Search URL Search Domain Scan URL

URL: https://voice-media-group.dcatalog.com/v/Dallas-Observer-flipbook-02-10-22/
Title: This Week's Issue

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/coupons
Title: Coupons

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/profile?newsletter=12038512
Title: Promotions Newsletter

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/staff
Title: Staff

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/circulation
Title: Circulation

Search URL Search Domain Scan URL

URL: https://adindex.dallasobserver.com/classifieds
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/californiaPrivacyPolicy
Title: California Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/californiaPrivacyPolicy#CollectionNotice
Title: California Collection Notice

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/about/californiaPrivacyPolicy#DoNotSell
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DallasObserver

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dallasobserver/

Search URL Search Domain Scan URL

URL: https://twitter.com/dallas_observer

Search URL Search Domain Scan URL

URL: https://publishwithfoundation.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/149482/connatix.playspace.dc.js

Request Chain 70

https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=359954229 HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 78

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&adnxs_id=$UID HTTP 302
https://ids.ad.gt/api/v1/match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&adnxs_id=5287398827307668341

Request Chain 79

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=e405682e-65bf-45fd-8888-3a1d99697973&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

Request Chain 80

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=5B0ACAF5-A95D-4A46-8D7C-431487B45288&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=08032bef-d1e5-461e-94ef-8ed61179a5f6&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&google_gid=CAESEIhVcCnROuPsDovbuOMXPNA&google_cver=1&google_ula=450542624,0

Request Chain 82

https://ids.ad.gt/api/v1/g_hosted?id=08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgwMzJiZWYtZDFlNS00NjFlLTk0ZWYtOGVkNjExNzlhNWY2

Request Chain 83

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=08032bef-d1e5-461e-94ef-8ed61179a5f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=08032bef-d1e5-461e-94ef-8ed61179a5f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=27956972713803955722744899469468260978&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

Request Chain 84

https://ids.ad.gt/api/v1/rub?id=08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 302
https://token.rubiconproject.com/token?pid=50242&puid=08032bef-d1e5-461e-94ef-8ed61179a5f6&gdpr=0

Request Chain 85

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=08032bef-d1e5-461e-94ef-8ed61179a5f6 HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=08032bef-d1e5-461e-94ef-8ed61179a5f6&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAC9gU7ECXoAAHjk9Y_Hew&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&C=1

Request Chain 122

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgS9K0KtUv5.lodl3shMvAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&google_hm=2

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFBjNOAHDyooDaqNAAeT-k4&google_cver=1

Request Chain 124

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NzM5ODgyNzMwNzY2ODM0MQ%3D%3D

Request Chain 135

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPGHKaqVx89SKeqPtm3LMYk&google_cver=1&google_push=AYg5qPLx54-dV4nyrV-VYt19snkQ3U53I2xhOcguK-YULdvEug4Wba31aXO1xFWBzDQjEJPTiXtpI5bsWoGUmQTxN_h66yPmCrId2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODcwNTYzNTg2MDQ4NTIxMjA2Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPGHKaqVx89SKeqPtm3LMYk&google_cver=1

Request Chain 137

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEM3HQqFVDaa1XoPdmJLZELs&google_cver=1&google_push=AYg5qPJj2ak-KgiIJ6JITb0L7Z8a99C5AnpmeS3mhgC4dCTyHL71s0ZOXbo9T4mNbLValGC3JhN-S4uCzXt1AxB4bGzzFnNuBSqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3HQqFVDaa1XoPdmJLZELs&google_push=AYg5qPJj2ak-KgiIJ6JITb0L7Z8a99C5AnpmeS3mhgC4dCTyHL71s0ZOXbo9T4mNbLValGC3JhN-S4uCzXt1AxB4bGzzFnNuBSqg

Request Chain 138

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECMOiwf1SNIpFm-9f6XbScU&google_cver=1&google_push=AYg5qPJZFncItZUozjbCDpYYWRJYWkalq3DPY6xu-Hs7FErlf3x9fOjgSE7AVHlL1Sl-AE-AEjw2d27bmKA6v7Uv35W8xRzj5dJtGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJZFncItZUozjbCDpYYWRJYWkalq3DPY6xu-Hs7FErlf3x9fOjgSE7AVHlL1Sl-AE-AEjw2d27bmKA6v7Uv35W8xRzj5dJtGw&google_hm=NzQ0MzAwMTgyNzAzNDU4MzI4Mg%3D%3D

Request Chain 139

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF_NNnOJ3a9dTj5ypxBCzyA&google_cver=1&google_push=AYg5qPIhD2iowN5JoBrk1gxCt8XCTnpjMi-IcJoAVcACFqVPih31BXCQWb4pJc2hIgRy_qut5Er1W2NDfwqVCMTG66L7rtOhJROQEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WwrK9aldSkaNfEMUh7RSiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIhD2iowN5JoBrk1gxCt8XCTnpjMi-IcJoAVcACFqVPih31BXCQWb4pJc2hIgRy_qut5Er1W2NDfwqVCMTG66L7rtOhJROQEw

Request Chain 140

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA-GzQR2jb3NMGkhQBoiUR8&google_cver=1&google_push=AYg5qPJ0qphi3fiqgGGwptNgtJzwD7yVPulk7cXPWL2SSXdX2FRvog9Nu17KLGi-oxlKy-W8kkXZVkVfL4ByXRkzsETCumqslfwOXQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHTkw0TEktMTUtRDAwQw==&google_push=AYg5qPJ0qphi3fiqgGGwptNgtJzwD7yVPulk7cXPWL2SSXdX2FRvog9Nu17KLGi-oxlKy-W8kkXZVkVfL4ByXRkzsETCumqslfwOXQ

Request Chain 141

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s

163 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request altai-balance-review Show response
storyconsole.dallasobserver.com/sc/ 100 KB
23 KB 1073ms
1026ms Document
text/html 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de66b152a24d88e16d3fab18c4ecf49f746adfd8b9fd34481642d4e6933c272

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 10 Feb 2022 07:22:12 GMT
content-type: text/html; charset=utf-8
x-dn-cache-control: max-age=300
cache-control: max-age=300, s-maxage=300
x-gyrobase-publication: dal
vary: Host, Accept-Encoding
last-modified: Thu, 10 Feb 2022 06:22:12 GMT
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMUqHGg0mnb161x6mgaO4A4Yvq40AM0Yl8ILiSaKn22nEUbNDvWvzDA9izJIIJeHR4WwnFMAVeXyVMbgBR2ZQoNiNCSzPto%2Bl8JEbd1q5swonXw4crp9dH4F6J%2BzcSGynvthjh2JmUq5Mz7Tdm204enTKSxe6r6ee3dGSc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6db395be2da391e9-FRA
content-encoding: br

GET
H2 200 desktop.css
storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/ 967 KB
121 KB 3786ms
3785ms Stylesheet
text/css 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af78c17fc966f18f2b599bfe0cb0b80fb0885ab03905b0f98713e4b4e9038445

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 04:38:50 GMT
server: cloudflare
etag: W/"f1ba9-5d7a286cfea80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbdBeh1ehv0%2FzkmplwxOA65lUmMLRe6IvFeh00EQ0TApxHi%2F9m5XDgnV5ETBUz6G5jEde4kd8%2FG87Ybtx5kzT4iAzU%2BSE%2FX%2F1dl5YOzuHYWbWGxC3GNvIFYSx3Xqn5TG%2FIg5aqG3PzyCNG5mygVB%2BwABiK%2Bv8HdU4juCnsg%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395c4b9d691e9-FRA
expires: Sun, 13 Feb 2022 07:22:13 GMT

GET
H2 200 uikit.js Show response
storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/ 186 KB
53 KB 31ms
30ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/uikit.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb64345d71f4c06846abe03f864274565b24fea10d791e4d20ba60b0963076d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43330
cf-polished: origSize=339756
cf-bgj: minify
last-modified: Wed, 09 Feb 2022 19:16:31 GMT
server: cloudflare
etag: W/"52f2c-5d79aabcfa1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YiyhXS%2F8j%2FFChmy0tgIz0oVDymBDLqkPa%2FoSi5RtKuliXnLjw6pngLxkzSlxlEOFvRRf0T%2BcrxYDTTEDbizCTQqS8wE3b7A3k%2FanQnjljWywJa4SQZJnom%2B8sHUclMErAu5%2BcrF8CmxnspoXZ5XzelKfbJKcEFyl2hhNTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 6db395c4b9da91e9-FRA
expires: Sat, 12 Feb 2022 19:20:02 GMT

GET
H2 200 uikit-icons-fdn.js Show response
storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/ 233 KB
87 KB 37ms
37ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/uikit-icons-fdn.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5de6beb44d59334c85abeccb40e2e4b253667e2b0c84eb229a290c84560fd28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43330
cf-polished: origSize=241018
cf-bgj: minify
last-modified: Wed, 09 Feb 2022 19:16:31 GMT
server: cloudflare
etag: W/"3ad7a-5d79aabcfa1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDbgleBt4lqe6%2BVXPctxga3Lf%2B3n3kqAWznbwBMKd2tDoNuQbbl8OKlgKyFDIhcm0vUuZBrGgZZz3lr274MJXtFhNJ8ob3k3nEa%2FhXavt6gsMnNBm8Dvs7w81SuPf%2FCJq8IyKnI7cTNB%2FrwoZhuqd7pqWlmT8zsnbFZT1DE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 6db395c4b9de91e9-FRA
expires: Sat, 12 Feb 2022 19:20:02 GMT

GET
H2 200 brands.min.js Show response
storyconsole.dallasobserver.com/foundation/fontawesome/js/ 437 KB
189 KB 42ms
42ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/fontawesome/js/brands.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 15:55:27 GMT
server: cloudflare
age: 43331
etag: W/"6d592-5c55cd18e99c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=burzND4vXwDEEv2H1JLr3mMhgDGeiSZWDypT5ovtd2CDigTWRsmt3DY0G9yfYbZ%2FbE3ZsOJJWz0qiVMqu2qaSOD6Se8RRniDoWc6rkqsXvB2TXJVuSp14ZBJt3kizp6PaLRsWMNpUcMrNg7CxxHtFDTuk0sDH3f%2Bnc8nK0M%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395dd0e1d91e9-FRA
expires: Sat, 12 Feb 2022 19:20:05 GMT

GET
H2 200 solid.min.js Show response
storyconsole.dallasobserver.com/foundation/fontawesome/js/ 1 MB
344 KB 50ms
50ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/fontawesome/js/solid.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 15:55:27 GMT
server: cloudflare
age: 43330
etag: W/"116b58-5c55cd18e99c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcXWi%2F4VE0wVxEPmYE5bOEZcsUPxGBO38QnpYmXHlk1es5NRtxY7aw0ieOnaQyW7q0YqrAVCKkrazrkfa5I6xhes7aU6r6ZAcMDUl%2BuuJAWKD8BZ%2BOzUJM2xHxxu2zKZ0LEmJomdIenISCcJGkGMz%2BSdld2C9kvFSADAUgo%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395dd7f5a91e9-FRA
expires: Sat, 12 Feb 2022 19:20:05 GMT

GET
H2 200 regular.min.js Show response
storyconsole.dallasobserver.com/foundation/fontawesome/js/ 1 MB
442 KB 1973ms
1973ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/fontawesome/js/regular.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 15:55:27 GMT
server: cloudflare
etag: W/"155d35-5c55cd18e99c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doh9cZVMkqQTFYDgF68Vu5%2BPVpnlfGIP3xQbcsCJTIpUTyA3%2F3pOtmX%2B2Z15X21iEm46zGVx193APScRsqO%2FZxOVG7h3OTZhuA5KHU%2FltgevgogFGANp55WefK5kpQUbAm8xH8HzSCK6mgANNhZXhcHoZp7m3XYL6G7W0Z8%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395ddf90c91e9-FRA
expires: Sun, 13 Feb 2022 07:22:17 GMT

GET
H2 200 fontawesome.min.js Show response
storyconsole.dallasobserver.com/foundation/fontawesome/js/ 36 KB
13 KB 22ms
22ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/fontawesome/js/fontawesome.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 15:55:27 GMT
server: cloudflare
age: 43331
etag: W/"91a7-5c55cd18e99c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQmZA63QEweHP9rMiXQzZP2jDRLjRfVSuvhrS0DiDR4gMg%2FDpo2O3mHo3ghKSbILUNnDKcFn8qNVcnoU9uqg4JikPM%2Brz2M3EZp0m%2BvyPZssjNXqtgaSGHQVZ8jGFBq68b2qoUUJ53eKDsrTduLcmE8LfVrE5YRpQu%2Bsf3Y%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e0aa5491e9-FRA
expires: Sat, 12 Feb 2022 19:20:05 GMT

GET
H2 200 light.min.js Show response
storyconsole.dallasobserver.com/foundation/fontawesome/js/ 1 MB
492 KB 2260ms
2257ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/fontawesome/js/light.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 15:55:27 GMT
server: cloudflare
etag: W/"17be80-5c55cd18e99c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q8dZH7QlkqNnYdvdK%2B%2BYMjgN%2F9ayn11gVJvmAnyBQAicLeGNjJz%2BVRd7RSB4RQT4RyIS%2BKzx3hMWfXvGHGF1aJw8V6ef6u82l0618ppFJNUsM0VoulXv0FePisct2Fl0rMieozX7cXMNlf4G0SROcu5a1gs8CtZMCEuvag%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e18cea91e9-FRA
expires: Sun, 13 Feb 2022 07:22:17 GMT

GET
H2 200 duotone.min.js Show response
storyconsole.dallasobserver.com/foundation/fontawesome/js/ 1 MB
355 KB 2132ms
2130ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/fontawesome/js/duotone.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 15:55:27 GMT
server: cloudflare
etag: W/"12d01e-5c55cd18e99c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUBY9wQDxI2Z3QXFD3NF1XfS%2FRyuqVWrAOyvkI6xgbmqFMVRFEW6NbSmkBrLjFH8p0E3Nn58Qi7JnMBSXj6WcqrQLDCXqNMb15FMH47vflCloMYDto23ntrrSeycCw8Yreswo0KBCit3oHOir69nedYoQTSvNCuZijP0iOw%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e18ced91e9-FRA
expires: Sun, 13 Feb 2022 07:22:17 GMT

GET
H2 200 common.js Show response
storyconsole.dallasobserver.com/foundation/scripts/ 215 KB
72 KB 1416ms
1415ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/scripts/common.js?cb=d01288c370dd35defd0b5208eb140d83
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jun 2021 15:55:19 GMT
server: cloudflare
etag: W/"35a67-5c55cd11487c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGTRo%2F26DTzXMMCKTR95%2Bcb5%2F0fmY%2BD3TFB1sKLXP6%2FxNgI7zsAdjhS8yGWdBpl%2BqJVxE0cm7vcbUQ6vVUXBy2uBGTSxDxHv7niQ0UPgt%2Fa2pE0lzE26l0kLwbWcuAgEGtWAJiIRU4x34dRDg%2FD0KJUV%2FqfqgGL7Y%2FJ9jE4%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395c4b9e391e9-FRA
expires: Sun, 13 Feb 2022 07:22:13 GMT

GET
H2 200 foundation-air.js Show response
storyconsole.dallasobserver.com/foundation/scripts/ 787 KB
226 KB 3492ms
3492ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/foundation/scripts/foundation-air.js?cb=d01288c370dd35defd0b5208eb140d83
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f8a52abdf090489ec0a9498adced573a16490c4bb0097e28eff4e53f322cc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 03 Jan 2022 16:32:57 GMT
server: cloudflare
etag: W/"c4c9a-5d4b012b90040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5do6%2F1cToi4IRNzzwQXAJoLtYg2gWnwd7SMV9Nps%2B8nElmfZ6lu%2BhNSSuuWQkqaSFplZ2n54Uf4UIl1L4WyfwcpumOv1aYfH57CUsXEbTzfAnkGQtt2qck7cz9Edm3AEQbhDcLrxmlnG3f0mqlVzu2wdJILOae81XG96O5I%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395c4b9e491e9-FRA
expires: Sun, 13 Feb 2022 07:22:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;700&family=Roboto+Condensed:wght@300;400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1fc3c521d7f8cb202adc5b4d3dd8e60dc2a5f04d11fd3870b44e78608994f36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Feb 2022 07:22:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 10 Feb 2022 07:22:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Feb 2022 07:22:12 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 264 KB
67 KB 85ms
8ms Script
text/javascript 2600:9000:223c:c000:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3bdfde439c11a1379bb7286e4c0a074c74e80d441f05b183f17036a598a94dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:50:39 GMT
content-encoding: br
last-modified: Fri, 28 Jan 2022 06:29:05 GMT
server: AmazonS3
age: 16299
etag: "ea78cb3d22a5e8760be6dfcfb9b76520"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 68581
x-amz-cf-id: G9AvIr4sd4KJlSfvI8qsyqLPhaPdkYv1QOhhnyz0wcmb6NbzRwhE9g==

GET
H2 200 ResizeSensor.js Show response
storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/ 10 KB
3 KB 772ms
772ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/ResizeSensor.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e87dbef76aeb895e03dc869941f350590358f687a655886f20ebc58fae40a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Feb 2022 04:38:50 GMT
server: cloudflare
etag: W/"2778-5d7a286cfea80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qxPe3ASYqnURHaR%2F%2BuoF2ih6%2FnRm%2FQnR7PP3yu8aK%2F8GLG%2Fkn95C0rvzMr4%2F4irab4JYZVgIARxIF3OmXYdAHXK4Ixeqbjfva2TicwJAq1PCQe%2BOdhBW07PAYIAL3sLru3VX2ljzVHpde%2Fsl8RlLIcTNmqf90AcS3%2FpnN0%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395cafd8891e9-FRA
expires: Sun, 13 Feb 2022 07:22:14 GMT

GET
H2 200 ElementQueries.js Show response
storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/ 10 KB
3 KB 22ms
22ms Script
application/x-javascript 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/scripts/ElementQueries.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398dc6dbd96011b1221e4ae2d74302edf250d806c06bc696701a2dcb63d331ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43330
cf-polished: origSize=20253
cf-bgj: minify
last-modified: Wed, 09 Feb 2022 19:16:31 GMT
server: cloudflare
etag: W/"4f1d-5d79aabcfa1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EBqR2SRcrxfsBplew5JUQLTUYdTPl2e0Bi%2B1IvAPGDexMfdEx7XunVVDCidSREXDr9DYnCZP4r%2F99PKzeqWkn6opdoLm%2FkUOfxx9o2n%2FPC1sp8g913VO2ZtDwCeAKOVaVXiwLUPW%2BYXDEAnGn6mcb1WoFw5HwUj9P3LVlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 6db395cafd8a91e9-FRA
expires: Sat, 12 Feb 2022 19:20:03 GMT

GET
H2 200 dal-main-logo.png
storyconsole.dallasobserver.com/images/ 8 KB
8 KB 46ms
44ms Image
image/png 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storyconsole.dallasobserver.com/images/dal-main-logo.png
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b7a6b1ed398e524b117941837aaecd9a119334758e503b9a45e52fbd879853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43331
cf-polished: origSize=66008, status=vary_header_present
cf-bgj: imgq:100,h2pri
content-length: 8143
last-modified: Wed, 23 Jun 2021 21:53:56 GMT
server: cloudflare
etag: "101d8-5c575f16f4500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6tkCNv3hQ4FP3QQpOJ1vcWvVGSNbxrBNgHowkC8is1Y4MXw6y3qGW7vEm%2Bnfs3kfnqCn3vENH2UPQHDaHEBTyvDLak%2B0xiZlvQ0qUx3d92jZe9OI31DkicIhVj0L1v1itORhn7yDcMRO%2BehuTp%2BIRqBQ5bKNzGZcpE0BbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-dn-cache-control: max-age=2419202
accept-ranges: bytes
cf-ray: 6db395e18cf191e9-FRA
expires: Wed, 09 Mar 2022 19:20:08 GMT

GET
H2 200 altaiinarticle1.jpg
media1.dallasobserver.com/dal/imager/u/blog/12524865/ 9 KB
9 KB 671ms
657ms Image
image/jpeg 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media1.dallasobserver.com/dal/imager/u/blog/12524865/altaiinarticle1.jpg?cb=1642542772

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ede16112d9db7fbbcf7e5bdd78c76dd4dc2dbbe2669c228f9ce74f7c9c3f41be

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gyrobase-publication: dal
content-type: image/jpeg
content-length: 8769
last-modified: Tue, 18 Jan 2022 21:52:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJZLVQ9HRvBtpS06vDAPRNz1cN0YVz99QRPatZcTTRpMJnkTAqpv3%2BUFc91i34yTTB8CfdzTAWmuLZ%2F102AJJF65l7ZAYdJwdIoXoA6SiVZRCEI11kU2JmsKohVBikxvAxrX9m8ilS47ZtMTd4Fi5bq3UWmBIXo%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=2419202
cache-control: max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 6db395e19d3491e9-FRA
expires: Thu, 10 Mar 2022 01:47:32 GMT

GET
H2 200 altaiinarticle2.jpg
media2.dallasobserver.com/dal/imager/u/blog/12524866/ 19 KB
20 KB 766ms
747ms Image
image/jpeg 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.dallasobserver.com/dal/imager/u/blog/12524866/altaiinarticle2.jpg?cb=1642542890

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b903b204822feb2a1fb089cdd850655ff0b1cca4aece20235ed604eef1ae7b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gyrobase-publication: dal
content-type: image/jpeg
content-length: 19567
last-modified: Tue, 18 Jan 2022 21:54:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULc4Bx7I4xKxh7IF4f7ohReJnu%2BknFflt71XCvIhFnl1yiTI5omQH%2BT1GprQkHKxlsoNDfUXDrtR1Z%2Bpj%2B7u5K69f%2FssF3CskJMZZHf3oMv12Kknwm4aqY%2BfCL%2BVsQgNI6noWZDw%2Bg2BUeLtPr7Mw%2Bl1NFZ8E1M%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=2419202
cache-control: max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 6db395e19d3591e9-FRA
expires: Tue, 08 Mar 2022 15:42:23 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 38ms
17ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 34838
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6db395dc7c0990bb-FRA

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 29ms
29ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 34839
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6db395dc9c4390bb-FRA

GET
H2 200 PoweredByFoundation.svg
storyconsole.dallasobserver.com/images/ 20 KB
8 KB 754ms
752ms Image
image/svg+xml 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storyconsole.dallasobserver.com/images/PoweredByFoundation.svg
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73eb3a275137c862b8aede37f767fb8878199c38388c804d40811205fb3b396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/sc/altai-balance-review
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Jul 2021 18:16:02 GMT
server: cloudflare
etag: W/"515e-5c7ba478fbc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNkuf4jCuRS4Ry4pimy8IFozVgUqDiRdxGk9LN4q0T%2BMCGuLxavqK9cnMlOcAUTh4fD8aMSWAOWNcP%2F7YVGq4CKWoj4r1tPvjhilI1ByKEGYFqGRVp%2BnxOCwemjz7n3jwcX9JQSkR9qdgXeKmd5pCGTQbW1F9ZBod1q4km0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e18d3091e9-FRA

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 37ms
7ms Script
application/x-javascript 18.66.96.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-96-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 00:27:34 GMT
Via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 47262
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: 23E1b3m-9ItSWl_CrSNsk92PNEUGLk7WFtqQWuwRo1vL4RAnq_pH5w==

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/149482/ Frame DF65
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/149482/connatix.playspace.dc.js

985 KB
238 KB

27ms
7ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/149482/connatix.playspace.dc.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31db2bd9311df9bbfaa9b19d4258f77f5279b2e39749d834c869fb62c917803b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: br
last-modified: Wed, 09 Feb 2022 17:10:55 GMT
age: 49456
etag: "e04ddd0e693efa39adb3af080bc16a4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 243572

Redirect headers

location: https://cds.connatix.com/p/149482/connatix.playspace.dc.js
date: Thu, 10 Feb 2022 07:22:17 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 604b996bca020f0010ead52b Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 243 KB
61 KB 64ms
17ms Script
application/javascript 108.157.4.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/604b996bca020f0010ead52b
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-57.dus51.r.cloudfront.net
Software: /
Resource Hash: 142f73d801ac2d43bd40e1fe11e3edef43345b3682a17d77d2a7280bd8a895e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:20:18 GMT
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
age: 119
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
x-amz-cf-id: urDHRWudTa_zPF3P1BHpb5BkhtCobK7NXaIDkxgC4SR5zdLiwkwUjQ==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 91 KB
32 KB 35ms
9ms Script
application/javascript 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e8fc85293845d4d357c1af9188cd14fb3b33c7b7d1917fb6bbc61a999e55d84f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 07:22:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Feb 2022 16:05:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62014353-16a12"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 32044
Expires: Fri, 11 Feb 2022 07:22:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
38ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4645
date: Thu, 10 Feb 2022 06:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Feb 2022 08:04:52 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 30ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 07:22:17 GMT
Content-Encoding: gzip
Age: 1325
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (frb/67DF)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/foundation/scripts/foundation-air.js?cb=d01288c370dd35defd0b5208eb140d83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

48a43d6f88d59265884eff12131c0511ef5323da902abd3e325cfd10d3acb0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HFs7x33p+SJKU1EuYZQDdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: hQe2P2Op9dRE5AOnBsmTBIbGFh8WTKV0gPJfIiaRTAz5o9ij+i8sJ3U6yf5bILPsAeTqP3LFrJc4XkfPFagwXQ==
x-fb-trip-id: 686109401
x-fb-content-md5: cb1132030e834c9be9fa3c4d4357daed
x-frame-options: DENY
date: Thu, 10 Feb 2022 07:22:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "376565690442f8c7bc3f45ebaa336f72"
timing-allow-origin: *
expires: Thu, 10 Feb 2022 07:27:43 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 163ms
77ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/foundation/scripts/foundation-air.js?cb=d01288c370dd35defd0b5208eb140d83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f8d7d69ae71a4596a9b4256eed174158ad478d2a5f12b338a0cfeebb114c27b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H5Aqdw4brS7eQI9vFX1x4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "e8ffbe621e1cdf6fd8ff881ebc9a3cd4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-H5Aqdw4brS7eQI9vFX1x4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Feb 2022 07:22:17 GMT

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c52965e97e25fc384a2d740f9b558186a6da55dafa480fdae5f29225b9721dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 avalon-bold-fdn.woff
storyconsole.dallasobserver.com/styles/fonts/ 27 KB
27 KB 32ms
30ms Font
application/font-woff 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/styles/fonts/avalon-bold-fdn.woff
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131911bf220ea99b0c5cb656841224dba94da7314169f3069ccac0815bc9e0df

Request headers

Referer: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 18:15:14 GMT
server: cloudflare
age: 43331
etag: W/"6aa8-5c7ba44b35080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h7EsFDze94Rip1Mchi9SicLTHm2Mhy0DgA7q87fnaA4bbKFzvxwoiFcEWY9mZSBEZkGAlVt%2B4s3vjsBR6MsmSQxA%2Bp2ZussUEj%2FJGXUjkLPMTrLCvSSsXU%2F7yhc6JZ9UjdiXQq8teTdfWGi0nVHh2hmI%2BfzL1XWYOQwpuQ%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e1ee2f91e9-FRA
expires: Sat, 12 Feb 2022 19:20:06 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 143ms
51ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;700&family=Roboto+Condensed:wght@300;400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:40:35 GMT
x-content-type-options: nosniff
age: 42102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:16:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:40:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 131ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 126862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 175ms
83ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 71980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 11:22:37 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 203ms
112ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 42707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:19:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:30 GMT

GET
H2 200 avalon-book-fdn.woff
storyconsole.dallasobserver.com/styles/fonts/ 26 KB
26 KB 38ms
36ms Font
application/font-woff 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/styles/fonts/avalon-book-fdn.woff
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e66e73048706fa4d36d4b10033b268c63408c0304395f11ef661a278c403bf

Request headers

Referer: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 18:15:14 GMT
server: cloudflare
age: 43331
etag: W/"6640-5c7ba44b35080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMxEI%2B55PjE78S6tY%2F5kF%2FXpw3ncdj3g%2BkN8j%2B9ecXnVemz9OnGBR%2BnZAWJfug3IlBMKaawq43h7uOgiYZTdGHSsw%2F9F1OLTjAGFVD2L2oLKKZoN3jwFAhwRpMvXhf7Cm68xe9OCJMRQOCat19O1%2F8XP0K3kGCA2v%2BhhZ8E%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e1ee3591e9-FRA
expires: Sat, 12 Feb 2022 19:20:06 GMT

GET
H2 200 serif12beta-regular-webfont.woff
storyconsole.dallasobserver.com/styles/fonts/ 30 KB
31 KB 868ms
867ms Font
application/font-woff 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/styles/fonts/serif12beta-regular-webfont.woff
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d6fa0add72b520785550d10a22373d383420fded6809a4b1f6f584d094c430

Request headers

Referer: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Jul 2021 18:15:14 GMT
server: cloudflare
etag: W/"7998-5c7ba44b35080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjOEdLH07TmG7yPDZ0mbyQO%2F2GbOVJYsmG5q5G0OMpBVj7WfFC1YsDtfAfyR8JCqBOP%2B%2F4bHY%2BZ8YFIUiWCx4CnsU6TTSQeGKk%2FfuiBqEwkVTSxcnE7IvfKLM42wOOkL8wU7P8hreG2hPh6ZqG65PIbBSEJLgMJ56H8nT5E%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e1ee3a91e9-FRA
expires: Sun, 13 Feb 2022 07:22:17 GMT

GET
H2 200 serif12beta-bold-webfont.woff
storyconsole.dallasobserver.com/styles/fonts/ 31 KB
32 KB 26ms
25ms Font
application/font-woff 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storyconsole.dallasobserver.com/styles/fonts/serif12beta-bold-webfont.woff
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b332ac60714bc69c5f411267b8cd63190e8a82b17b552d7c85aa9d796edba2af

Request headers

Referer: https://storyconsole.dallasobserver.com/fdn-system/assets/pub/styles/desktop.css?cb=753efdb56f48bd5f83075166717e3edc
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Jul 2021 18:15:14 GMT
server: cloudflare
age: 43331
etag: W/"7c0c-5c7ba44b35080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiLiJZ08eXjgDt5CL0JHCP7AXZqj4jMfxaYV5skBIjzp0F0II1k%2F5NOiXkk0Ea8VPEF2XzWfz5zIVUfJko7Pg4TgAw2kASHBpUbGKKpumwTk4RjiJ%2BhQ83k3AKTNzA%2BO%2BeudHlNYKsq2fQeFTI12MMsyJy2pFzG7S1xKaoM%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=259200
content-type: application/font-woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6db395e1ee3c91e9-FRA
expires: Sat, 12 Feb 2022 19:20:06 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
15 KB 186ms
96ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 42707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:30:30 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb9150d3c9aeea9ed3eb421e98a315655bcbac53ffa236e539fb37c1d64ec5bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 altai-balance-800x427.jpg
media2.dallasobserver.com/dal/imager/u/golden-m/12524864/ 128 KB
129 KB 1010ms
1010ms Image
image/jpeg 2606:4700:20::ac43:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.dallasobserver.com/dal/imager/u/golden-m/12524864/altai-balance-800x427.jpg?cb=1642542890

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f454efaa3f2f9a58423ed1624f280a5f153f6bd43127e6919c32fdfefe121bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gyrobase-publication: dal
content-type: image/jpeg
content-length: 131266
last-modified: Tue, 18 Jan 2022 21:54:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1s4%2Fm8hTBylLYS9rrFeFXvPJMITrHDXmucNzsuJMXBqclu33kG%2FJJSE0BRapwmdj1gsvPwuN3eP6AlVXmtKgqGn22HLG5%2BQLTLyqxJVkPdHb1ZrYuGiQMl2hc5RWltOvOIHGB4T4bAPjGjA39z%2BHvKG01HHqRc%3D"}],"group":"cf-nel","max_age":604800}
x-dn-cache-control: max-age=2419202
cache-control: max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 6db395e2d90491e9-FRA
expires: Tue, 08 Mar 2022 23:38:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 93ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 130948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 18:59:49 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: /37mrKLjpDN1w7sYmrAn/ZoYVw+Y9cCC1hzfGthOKM++44JqrYsMxDEIJ2qS6iuFB9Zwtf4RFreuknnnSVqHkg==
x-frame-options: DENY
date: Thu, 10 Feb 2022 07:22:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 24 KB
10 KB 39ms
12ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 17 Feb 2022 07:22:17 GMT

GET
H2 200 322 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 545ms
184ms Script
application/javascript 52.41.136.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&ref=
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.136.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-136-243.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 21c6b0751b28f6d4dd0e715fdc84f6aa41aa37c7ab8b87287e976617d1ecbd51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
server: nginx/1.18.0
content-length: 3241
content-type: application/javascript

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 69ms
11ms Script
application/x-javascript 2600:9000:2315:fc00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:fc00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 06:27:11 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 3306
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ZVfzlQvlEoKP82rS3glYe8Zokt0Q-JjIyz3vfwhUt7135SQcv-bydw==
expires: Thu, 10 Feb 2022 08:27:11 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=676291bbfbd43884c07634fc694b11bc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ba70bd763f06d02da1fc194a21a1ce9a49fcf4d224f5a4e8fc8a7003425dc4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://storyconsole.dallasobserver.com/
Origin: https://storyconsole.dallasobserver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CPFqpmKzPcx3vvr06tozzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83543
x-fb-rlafr: 0
x-fb-debug: nbMHyZN1Gx2gVY89tpLG7i4c4aUCHJCvQKi34aH1pGbM9p5FNKAawvP6Q1c523VAmsy10aeQU8YMtsYpT/9lCg==
x-fb-content-md5: 1de47e1a174af21d64556a68971681f6
x-frame-options: DENY
date: Thu, 10 Feb 2022 07:22:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "79d1125fa29c1177c4c8161a75f5631b"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 10 Feb 2023 05:35:34 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 23 KB
8 KB 406ms
389ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

65d219e5c38d48c3f110b2cc06367a2f8a695d2232131949a64eee8f37739001

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://storyconsole.dallasobserver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 10 Feb 2022 07:22:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 35777495-4657-4e1c-8c9c-8ce10d28800d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://storyconsole.dallasobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 92ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=706981872&t=pageview&_s=1&dl=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&ul=en-us&de=UTF-8&dt=Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1312599350&gjid=1065372855&cid=603120731.1644477738&tid=UA-395255-24&_gid=1907910590.1644477738&_r=1&_slc=1&cd2=General&z=416239756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://storyconsole.dallasobserver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://storyconsole.dallasobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 106 KB
35 KB 85ms
37ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3402db0f440dcb6710a255c7029208cdec7e26ef06ece32ebcdda519314e3d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36192
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 03:27:54 GMT

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 7BB1 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fstoryconsole.dallasobserver.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 130416
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Feb 2022 07:22:17 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 184ms
145ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://storyconsole.dallasobserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 10 Feb 2022 07:22:17 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 147ms
146ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://storyconsole.dallasobserver.com/
Bugsnag-Sent-At: 2022-02-10T07:22:17.632Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: 6a718baeb7a9a3b44b6047423cea023a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 07:22:17 GMT
via: 1.1 google
bugsnag-session-uuid: ab610160-b7ef-42e3-8944-861c92f9776b
alt-svc: clear
content-length: 21
content-type: application/json

GET
H3 200 274857686046164 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/274857686046164?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a744bb69606a20cd1e063e1ae742dbdaee1bf9e62805ce097388e974179443a6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: HV3fqxstGH8fhzvhxYMOMi5iv+LmJh4aIsCCW1ehCPOvqtPqOrv61W4odYEdhJCMuX2ubfiIMsb/WMKiPbzukQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 10 Feb 2022 07:22:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-a4LDpi_DEopn-.js Show response
rules.quantcount.com/ 147 B
603 B 75ms
18ms Script
application/javascript 2600:9000:225f:e800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a4LDpi_DEopn-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:e800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:06:30 GMT
via: 1.1 086613b3103277577d231678b44747c2.cloudfront.net (CloudFront)
age: 3170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Wed, 26 Jun 2019 16:40:34 GMT
server: AmazonS3
etag: "64852ad0768d254e4052f94f8b97011c"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: 4R-zOcA4R3ERR_opLJC2G2Azm8BqyyinT1H8GROHu-TbvfKKMXMJNw==

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 11 KB
2 KB 419ms
336ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=1010&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a5d48aaae94435dfb363352d10c67c8e00ab8bba67686eba5198e31415b890

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 1749
x-ua-compatible: IE=edge
last-modified: Wed, 09 Feb 2022 11:46:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, public, s-maxage=60, max-age=0
accept-ranges: bytes
cf-ray: 6db395e57c489122-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-395255-24&cid=603120731.1644477738&jid=1312599350&gjid=1065372855&_gid=1907910590.1644477738&_u=YEBAAAAAAAAAAC~&z=523657949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://storyconsole.dallasobserver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Feb 2022 07:22:17 GMT
content-type: text/plain
access-control-allow-origin: https://storyconsole.dallasobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 296ms
96ms Image
image/gif 52.21.62.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=dallasobserver.com&p=%2Fsc%2Faltai-balance-review&u=CkwUTRP_w5uD4b0cd&d=storyconsole.dallasobserver.com&g=10424&g0=%2Fhome&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8086&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=6273&t=D1v479rZo67CS2vLjBKgLGACS-WsW&V=129&i=Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results&tz=0&sn=1&sv=C8do9RCROcsjWKXVJBhHaUFC2sw7h&sd=1&im=061b2ff3&_
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.62.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-62-223.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 57ms
40ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1183008058788701&input_token&origin=1&redirect_uri=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&sdk=joey&wants_cookie_data=true

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: TFPGmweVHj1MZLs+XDPluKw/SPPfU6r/kChxBOMv1uALZGwfXl7UsDFbax8vrTE3SOQH83TWaNP0YHkK2hSzmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Thu, 10 Feb 2022 07:22:17 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://storyconsole.dallasobserver.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame E29B 513 B
948 B 140ms
53ms Document
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e72079aa5e5d5c0b144743d47140f0d6d842acfc41cc99b143972bc35109696b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-5GXMuBagcFfNj/hBCCAGDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Feb 2022 07:22:17 GMT
content-language: en-US
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-5GXMuBagcFfNj/hBCCAGDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=274857686046164&ev=PageView&dl=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&rl=&if=false&ts=1644477737823&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644477737822.1546281318&it=1644477737669&coo=false&exp=p1&rqm=GET

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 10 Feb 2022 07:22:17 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 139ms
52ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-395255-24&cid=603120731.1644477738&jid=1312599350&_u=YEBAAAAAAAAAAC~&z=957626419

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 138ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-395255-24&cid=603120731.1644477738&jid=1312599350&_u=YEBAAAAAAAAAAC~&z=957626419

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=760110697;rf=0;a=p-a4LDpi_DEopn-;url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review;uht=2;fpan=1;fpa=P0-1460932940-1644477737830;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-...
pixel.quantserve.com/ 35 B
371 B 11ms
11ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=760110697;rf=0;a=p-a4LDpi_DEopn-;url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review;uht=2;fpan=1;fpa=P0-1460932940-1644477737830;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=dallasobserver.com;je=0;sr=1600x1200x24;dst=0;et=1644477737830;tzo=0;ogl=url.https%3A%2F%2Fstoryconsole%252Edallasobserver%252Ecom%2Fsc%2Faltai-balance-review%2Csite_name.Dallas%20Observer%2Ctitle.Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results%2Cimage.https%3A%2F%2Fmedia2%252Edallasobserver%252Ecom%2Fdal%2Fimager%2Fu%2Fslideshow%2F12524864%2Faltai-balance-%2Cimage%3Awidth.1524%2Cimage%3Aheight.813%2Cdescription.Altai%20Balance%20is%20mainly%20created%20to%20protect%20people%20from%20diabetes%20and%20pre-diabetes%2Ctype.website

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7BB1 232 B
447 B 135ms
117ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b646229b80e2b1517c2773c126b57df9d10d9f19

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fstoryconsole.dallasobserver.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 10 Feb 2022 07:22:17 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 07:22:17 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7d05ad4d1dfae9ec0f4b6e2d6c8c84c3faa5e7c490e9fad38f6151bf5e3f6cfe
content-length: 166

POST
H3 204 cspreport
accounts.google.com/o/ Frame E29B 0
19 B 105ms
49ms Other
text/html 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mY06bj0T5lrXydlAoP9elQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-mY06bj0T5lrXydlAoP9elQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 953C 0
819 B 64ms
26ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKQDXyQBgAAAwDWAAUBCKn6kpAGENrwsPWEvJCqfRgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDC7gJYGOMNGQMNGSAJQ4La9ogFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIFBvBSmAHQD6ABhAeoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlh1ZignYScsIDI5Njg0ODQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgOTY0Njc1LCA-HAAwcicsIDM0MDc0NTA1NjY7APBpkgL5AyFLVXZBWkFpcHpONFlFT0MydmFJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx1QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRRVJqNFdZcjdEd1A5a0IFFTRBQUE4RF9nQWNQd092VQkUKEpnQ0FLQUNBTFVDASAIQUwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRNeE51QUR5eTJBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQR5UR2lGE5nRUFQRUUFGQUBIENJQmNRcHFRVQUOHEFBRHdQN0VGDQ0BEARCQh0_AHkVKAxBQUFOMigAAFouKACoNEFVQThBV1pwSkFJLUFXa2w3VUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWQFKCQEkS2dHQXJJR0pBawkQAQEAQh2rBEJrARIJAQBDHRhETGdHSmcuLpoCmQEhNGdfbXlnOv0BKEtIcldpQUVLQUF4CT4FAQA2MkkBEGtETExVEWEMRHdQMR1hAEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUR0Q8F5BLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV38gIRCgZBRFZfSUQSBzI5NmFDbPICEgoGQ1BHX0lEEggxNzA0Mzk5M_ICEQoFQ1AFFFw1MTg4MTUxM_ICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQACMJIJBDT0RFEhdUaGVfTW9ybmluZ19BZnRlcl9Qcm9tb_ICMAoIQ1BHCSYsJGRhbF9UaGVNb3JpASoJKVQwMjEwMjJfU2tpbl9ST1PyAicKB0NQCTIAHAEyBFNwAftgcnNoaXBfTG9jYWxfNTI2NTM08gIPCgVJTwG3CAY5NoEFGPICCwoHSU8JPEQA8gITCg9DVVNUT01fTU9ERUwBKhQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCfATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APJGeADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDzE4NS4yMTMuMTU1LjE2NqgEALIEEAgAEAEY0A8ghAcoADAAOAK4BADABADIBADSBA45MDI3I0ZSQTE6NTMxNtoEAggB4AQB8ATgtr2iAYgFAZgFAKAF____________AcAFAMkFAKWeEPA_0gUJtdZo2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGBS4sAPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgH4tYF0gcNFXQBOAjaBwYJJ0TgBwDqBwIIAPAHi78BiggCEAA.&s=e7d0bfd90dd6929dce9c8bee725dce8ab1a7f058&bdref=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review,https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0683360e-f911-442d-b265-f4327c3cc942
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/222/ Frame 953C 85 KB
29 KB 46ms
6ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/222/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 07:22:18 GMT
Content-Encoding: gzip
Age: 4999233
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29209
X-Served-By: cache-lga21964-LGA, cache-hhn4034-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
X-Timer: S1644477738.018936,VS0,VE0
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1362351, 6178845

GET
H/1.1 200
OK 284ac838-cbd1-4d9b-8a9c-fc87fce80f6b.jpg
crcdn01.adnxs-simple.com/creative/p/9027/2022/2/8/31633123/ Frame 953C 85 KB
85 KB 146ms
108ms Image
image/jpeg 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/9027/2022/2/8/31633123/284ac838-cbd1-4d9b-8a9c-fc87fce80f6b.jpg
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e4852b74180a3b7326e14ba19ea389cd85d237ab3f4a0f21cf904f60a9026319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 07:22:18 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4640
X-Cache: HIT, MISS
Connection: keep-alive
Content-Length: 86627
X-Served-By: cache-lga21948-LGA, cache-hhn4046-HHN
Last-Modified: Tue, 08 Feb 2022 23:43:10 GMT
Server: nginx/1.19.0
Cache-Control: max-age=3888000
X-Timer: S1644477738.019597,VS0,VE85
ETag: "438f65cc99422f8dd64da50f6386c932"
x-amz-request-id: 61d2d570-2c6f-49ec-8b0e-eb6d094b1a9b
Access-Control-Allow-Origin: *
Expires: Sun, 27 Mar 2022 06:04:57 GMT
X-Clv-Request-Id: 61d2d570-2c6f-49ec-8b0e-eb6d094b1a9b
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 0

GET
H3

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2EBA
Redirect Chain

https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=359954229
https://securepubads.g.doubleclick.net/tag/js/gpt.js

80 KB
27 KB

91ms
45ms

Script
text/javascript

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2ff5e5bd21eddd1f8403fc955ba727d579c19abb85e861f91114475602da592e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27289
x-xss-protection: 0
server: sffe
etag: "1127 / 364 of 1000 / last-modified: 1644448022"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Feb 2022 07:22:18 GMT

Redirect headers

date: Thu, 10 Feb 2022 07:22:18 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Thu, 10 Feb 2022 07:52:18 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 2EBA 0
819 B 74ms
44ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4af58970-5791-4c67-9a81-8e31154df8e3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/222/ Frame 2EBA 85 KB
29 KB 39ms
7ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/222/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 10 Feb 2022 07:22:18 GMT
Content-Encoding: gzip
Age: 4999232
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29209
X-Served-By: cache-lga21941-LGA, cache-hhn4043-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
X-Timer: S1644477738.019192,VS0,VE0
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2724191, 1538058

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ 0
819 B 117ms
88ms Image
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKsCnwsBQAAAwDWAAUBCKn6kpAGENrwsPWEvJCqfRgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDC7gJYGOMNGQMNGSAJQ4La9ogFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIFBvBSmAHQD6ABhAeoAQGwAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQCKAlh1ZignYScsIDI5Njg0ODQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgOTY0Njc1LCA-HAAwcicsIDM0MDc0NTA1NjY7APBpkgL5AyFLVXZBWkFpcHpONFlFT0MydmFJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx1QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRRVJqNFdZcjdEd1A5a0IFFTRBQUE4RF9nQWNQd092VQkUKEpnQ0FLQUNBTFVDASAIQUwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRNeE51QUR5eTJBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQR5UR2lGE5nRUFQRUUFGQUBIENJQmNRcHFRVQUOHEFBRHdQN0VGDQ0BEARCQh0_AHkVKAxBQUFOMigAAFouKACoNEFVQThBV1pwSkFJLUFXa2w3VUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWQFKCQEkS2dHQXJJR0pBawkQAQEAQh2rBEJrARIJAQBDHRhETGdHSmcuLpoCmQEhNGdfbXlnOv0BKEtIcldpQUVLQUF4CT4FAQA2MkkBEGtETExVEWEMRHdQMR1hAEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUR0Q8O1BLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV3gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyRngAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGNAPIIQHKAAwADgCuAQAwAQAyAQA0gQOOTAyNyNGUkExOjUzMTbaBAIIAeAEAfAE4La9ogGIBQGYBQCgBf___________wHABQDJBQAAgTsQ8D_SBQmVcmjYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYBLTAAAPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgH4tYF0gcNFXQBOAjaBwYJJ0TgBwDqBwIIAPAHi78BiggCEAA.&s=51f21c7da3c9fc5f4d0c917cb262edd5a22fe171

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0c903d38-7a20-4d02-8410-293389469028
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ 0
819 B 47ms
18ms Image
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKrCnwrBQAAAwDWAAUBCKn6kpAGEMfp7vCezuTmJRgAKjYJMwUBCMM_EQUIEDPDPxkABQEIREAhERIAKREJ0DEAAABAMzPjPzC8gJYGOMNGQMNGSAJQlPX5kgFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDM5MzkyMjQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgMjc0MjEyNiwgMTY0Mh0ANHInLCAzMDgxODE2NTIsMjwA9A4BkgL5AyFWbFNrSUFpb3lwSVFFSlQxLVpJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx5QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JsMEFLMFRNend6X0JBWmRBQ3RFek04TV95UUVxSmJ6UVhqUHVQOWtCQUFBQUFBQUE4RF9nQWU2dXB3SDFBUUFBQUFDWUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pVek1UYmdBOHN0Z0FRQWlBUUFrQVFBbUFRQndRUUFBQQF-FEFBQU1rRQEHCQEURFlCQUR4FZ0oQUFBaUFYRUtha0YBDAEBFDhELXhCUQEKCQEId1FVCQkBAQBNGSgMQUFEUi4oAAAyLigAuE9BRm1IWHdCWXFaeGdUNEJaaTM4QUdDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCak16BQIsOE1fcUFZQnNnWWtDHYAARR0MAEcdDABJHQw4dUFZS5oCmQEhM2hHMWF3Ov0BKEtIcldpQUVLQUF4BWlkek16d3o4NkNVWlNRVEU2TlRNeE5rRExMVWsB4xxBQUFEd1AxRQEJCQEARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRD0KgFBLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV3gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyRngAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA45MDI3I0ZSQTE6NTMxNtoEAggB4AQB8ASU9fmSAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4C7aBhYKEIWSHQFYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcBt0wAGAAgADAAOL8GQADIB-LWBdIHDRV0AR4M2gcGCAUJROAHAOoHAggA8AeLvwGKCAIQAA..&s=69ef47affaaeca8739163c54b23b853d6d462cd7

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4d946366-e16f-4b12-9c52-5b75a55b9fba
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1959142245-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame E29B 113 KB
114 KB 130ms
36ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1959142245-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d442d7575fcce245d4d2af6608ffa60dffb51811abbc4de16dc2591500b7bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 15:22:40 GMT
x-content-type-options: nosniff
age: 143978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115848
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 03:14:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 15:22:40 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 526ms
172ms Script
application/javascript 44.230.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.230.193.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-230-193-23.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 00:28:16 GMT
server: nginx/1.18.0
etag: W/"1643761696.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 10 Feb 2022 19:22:18 GMT

GET
H2 200 322 Show response
p.ad.gt/api/v1/p/ 27 KB
8 KB 531ms
174ms Script
application/javascript 44.233.217.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/322
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.217.175 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-217-175.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 443873dd87441f66d0d005f8e6b2182408fc28fc1c2e049551e062c6ced848dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 00:27:22 GMT
server: nginx/1.18.0
etag: W/"1643761642.0-27421-2710637159"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 10 Feb 2022 19:22:18 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&adnxs_id=$UID
https://ids.ad.gt/api/v1/match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&adnxs_id=5287398827307668341

43 B
563 B

548ms
180ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&adnxs_id=5287398827307668341
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f26caf24-58d4-4e2f-a6e0-5d38573f2c64
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&adnxs_id=5287398827307668341
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08032bef-d1e5-461e-94ef-8ed61179a5f6
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=08032bef-d1e5-461e-94ef-8ed61179a5f6
https://ids.ad.gt/api/v1/t_match?tdid=e405682e-65bf-45fd-8888-3a1d99697973&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

43 B
568 B

438ms
195ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=e405682e-65bf-45fd-8888-3a1d99697973&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=e405682e-65bf-45fd-8888-3a1d99697973&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08032bef-d1e5-461e-94ef-8ed61179a5f6
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D08032bef-d1e5-461e-94ef-8ed61179a5f6
https://ids.ad.gt/api/v1/pbm_match?pbm=5B0ACAF5-A95D-4A46-8D7C-431487B45288&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

43 B
571 B

657ms
339ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=5B0ACAF5-A95D-4A46-8D7C-431487B45288&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=5B0ACAF5-A95D-4A46-8D7C-431487B45288&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=08032bef-d1e5-461e-94ef-8ed61179a5f6&google_tc=
https://ids.ad.gt/api/v1/g_match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&google_gid=CAESEIhVcCnROuPsDovbuOMXPNA&google_cver=1&google_ula=450542624,0

43 B
570 B

487ms
338ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&google_gid=CAESEIhVcCnROuPsDovbuOMXPNA&google_cver=1&google_ula=450542624,0
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&google_gid=CAESEIhVcCnROuPsDovbuOMXPNA&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=08032bef-d1e5-461e-94ef-8ed61179a5f6
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgwMzJiZWYtZDFlNS00NjFlLTk0ZWYtOGVkNjExNzlhNWY2

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgwMzJiZWYtZDFlNS00NjFlLTk0ZWYtOGVkNjExNzlhNWY2

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDgwMzJiZWYtZDFlNS00NjFlLTk0ZWYtOGVkNjExNzlhNWY2
date: Thu, 10 Feb 2022 07:22:18 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=08032bef-d1e5-461e-94ef-8ed61179a5f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D08032bef-d1e5-461e-94ef-8ed61...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=08032bef-d1e5-461e-94ef-8ed61179a5f6&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D08032be...
https://ids.ad.gt/api/v1/adb_match?adb=27956972713803955722744899469468260978&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

43 B
478 B

489ms
340ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=27956972713803955722744899469468260978&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

Redirect headers

DCS: dcs-prod-irl1-2-v027-0ff9670d4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3+VVReSJSp8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://ids.ad.gt/api/v1/adb_match?adb=27956972713803955722744899469468260978&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

204
No Content

token
token.rubiconproject.com/
Redirect Chain

https://ids.ad.gt/api/v1/rub?id=08032bef-d1e5-461e-94ef-8ed61179a5f6
https://token.rubiconproject.com/token?pid=50242&puid=08032bef-d1e5-461e-94ef-8ed61179a5f6&gdpr=0

0
214 B

42ms
7ms

Image
text/plain

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=08032bef-d1e5-461e-94ef-8ed61179a5f6&gdpr=0
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://token.rubiconproject.com/token?pid=50242&puid=08032bef-d1e5-461e-94ef-8ed61179a5f6&gdpr=0
date: Thu, 10 Feb 2022 07:22:18 GMT
server: nginx/1.18.0
content-length: 417
content-type: text/html; charset=utf-8

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=08032bef-d1e5-461e-94ef-8ed61179a5f6
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=08032bef-d1e5-461e-94ef-8ed61179a5f6&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAC9gU7ECXoAAHjk9Y_Hew&id=08032bef-d1e5-461e-94ef-8ed61179a5f6

43 B
476 B

180ms
179ms

Image
image/gif

44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAC9gU7ECXoAAHjk9Y_Hew&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAC9gU7ECXoAAHjk9Y_Hew&id=08032bef-d1e5-461e-94ef-8ed61179a5f6
Date: Thu, 10 Feb 2022 07:22:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 953C 0
857 B 8ms
7ms Ping
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKsCnwsBQAAAwDWAAUBCKn6kpAGENrwsPWEvJCqfRgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDC7gJYGOMNGQMNGSAJQ4La9ogFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIFBvBSmAHQD6ABhAeoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlh1ZignYScsIDI5Njg0ODQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgOTY0Njc1LCA-HAAwcicsIDM0MDc0NTA1NjY7APBpkgL5AyFLVXZBWkFpcHpONFlFT0MydmFJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx1QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRRVJqNFdZcjdEd1A5a0IFFTRBQUE4RF9nQWNQd092VQkUKEpnQ0FLQUNBTFVDASAIQUwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRNeE51QUR5eTJBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQR5UR2lGE5nRUFQRUUFGQUBIENJQmNRcHFRVQUOHEFBRHdQN0VGDQ0BEARCQh0_AHkVKAxBQUFOMigAAFouKACoNEFVQThBV1pwSkFJLUFXa2w3VUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWQFKCQEkS2dHQXJJR0pBawkQAQEAQh2rBEJrARIJAQBDHRhETGdHSmcuLpoCmQEhNGdfbXlnOv0BKEtIcldpQUVLQUF4CT4FAQA2MkkBEGtETExVEWEMRHdQMR1hAEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUR0Q8O1BLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV3gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyRngAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGNAPIIQHKAAwADgCuAQAwAQAyAQA0gQOOTAyNyNGUkExOjUzMTbaBAIIAeAEAfAE4La9ogGIBQGYBQCgBf___________wHABQDJBQAAgTsQ8D_SBQmVcmjYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYBLTAAAPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgH4tYF0gcNFXQBOAjaBwYJJ0TgBwDqBwIIAPAHi78BiggCEAA.&s=d015b5142204cbe2b1fca41005c46b9d25be3375&type=nv&nvt=5&jm=1003&px=-200&py=0&bw=2000&bh=900&sid=6497263101027708598&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12943419&sw=1600&sh=1200&pw=1600&ph=8086&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a287fc42-2b8a-44c1-8f7e-47ed5b80ec0b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://storyconsole.dallasobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2EBA 0
857 B 41ms
41ms Ping
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKrCnwrBQAAAwDWAAUBCKn6kpAGEMfp7vCezuTmJRgAKjYJMwUBCMM_EQUIEDPDPxkABQEIREAhERIAKREJ0DEAAABAMzPjPzC8gJYGOMNGQMNGSAJQlPX5kgFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDM5MzkyMjQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgMjc0MjEyNiwgMTY0Mh0ANHInLCAzMDgxODE2NTIsMjwA9A4BkgL5AyFWbFNrSUFpb3lwSVFFSlQxLVpJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx5QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JsMEFLMFRNend6X0JBWmRBQ3RFek04TV95UUVxSmJ6UVhqUHVQOWtCQUFBQUFBQUE4RF9nQWU2dXB3SDFBUUFBQUFDWUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pVek1UYmdBOHN0Z0FRQWlBUUFrQVFBbUFRQndRUUFBQQF-FEFBQU1rRQEHCQEURFlCQUR4FZ0oQUFBaUFYRUtha0YBDAEBFDhELXhCUQEKCQEId1FVCQkBAQBNGSgMQUFEUi4oAAAyLigAuE9BRm1IWHdCWXFaeGdUNEJaaTM4QUdDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCak16BQIsOE1fcUFZQnNnWWtDHYAARR0MAEcdDABJHQw4dUFZS5oCmQEhM2hHMWF3Ov0BKEtIcldpQUVLQUF4BWlkek16d3o4NkNVWlNRVEU2TlRNeE5rRExMVWsB4xxBQUFEd1AxRQEJCQEARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRD0KgFBLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV3gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyRngAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA45MDI3I0ZSQTE6NTMxNtoEAggB4AQB8ASU9fmSAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4C7aBhYKEIWSHQFYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcBt0wAGAAgADAAOL8GQADIB-LWBdIHDRV0AR4M2gcGCAUJROAHAOoHAggA8AeLvwGKCAIQAA..&s=69ef47affaaeca8739163c54b23b853d6d462cd7&type=nv&nvt=5&jm=1003&sid=6497263101027708598&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12943420&sw=1600&sh=1200&pw=1600&ph=8086&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:18 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 273394cd-a960-495f-9ec4-f3205993e0cf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://storyconsole.dallasobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 location Show response
www.pelcro.com/api/v1/sdk/ 66 B
156 B 41ms
40ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://storyconsole.dallasobserver.com/
X-Pelcro-Sdk-Version: 2.5.11
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6db395e7da619122-FRA

OPTIONS
H2 200 location
www.pelcro.com/api/v1/sdk/ Frame 0
0 27ms
27ms Preflight 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Origin: https://storyconsole.dallasobserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6db395e7a9e19122-FRA

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame E29B 15 B
59 B 50ms
50ms XHR
application/json 2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fstoryconsole.dallasobserver.com&client_id=771630198685-htj3r4pb4jl3l6l2as70vgcnjsvq8sec.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1959142245-idpiframe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 10 Feb 2022 08:22:18 GMT

GET
H3 200 pubads_impl_2022020701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2EBA 356 KB
120 KB 36ms
36ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=359954229

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 22:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122460
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Feb 2023 22:01:08 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/west-word/ 713 KB
105 KB 9ms
8ms Script
text/javascript 2600:9000:223c:c000:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/west-word/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cfd33c901ea82fe2dcea630488f62cf84f7ba8a4b32381a28fa582a2e198e9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 02:06:55 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 14:05:03 GMT
server: AmazonS3
age: 21248
etag: "9b2c5bd2ec5101a9097857b9f2422a85"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 106785
x-amz-cf-id: epwN0lZx_MN9aqJP9yT_Ve_2z1fVOuMNp3a6xpm1XEIPx9Vz2jX5_A==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=274857686046164&ev=Microdata&dl=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&rl=&if=false&ts=1644477738337&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results%22%2C%22meta%3Adescription%22%3A%22Altai%20Balance%20is%20mainly%20created%20to%20protect%20people%20from%20diabetes%20and%20pre-diabetes%20or%20anyone%20who%20wants%20to%20keep%20sugar%20levels%20in%20control.%20Altai%20Balance%20is%20a%20supplement%20that%20includes%2019%20ingredients%20that%20are%20healthy%20for%20maintaining%20sugar%20levels.%22%2C%22meta%3Akeywords%22%3A%22Dallas%20news%2C%20Texas%20news%2C%20Dallas%20events%2C%20Texas%20events%2C%20Dallas%20Observer%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review%22%2C%22og%3Asite_name%22%3A%22Dallas%20Observer%22%2C%22og%3Atitle%22%3A%22Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia2.dallasobserver.com%2Fdal%2Fimager%2Fu%2Fslideshow%2F12524864%2Faltai-balance-800x427.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221524%22%2C%22og%3Aimage%3Aheight%22%3A%22813%22%2C%22og%3Adescription%22%3A%22Altai%20Balance%20is%20mainly%20created%20to%20protect%20people%20from%20diabetes%20and%20pre-diabetes%20or%20anyone%20who%20wants%20to%20keep%20sugar%20levels%20in%20control.%20Altai%20Balance%20is%20a%20supplement%20that%20includes%2019%20ingredients%20that%20are%20healthy%20for%20maintaining%20sugar%20levels.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644477737822.1546281318&it=1644477737669&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 10 Feb 2022 07:22:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2EBA 107 B
792 B 132ms
47ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=storyconsole.dallasobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2EBA 107 B
549 B 135ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=storyconsole.dallasobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2EBA 18 KB
10 KB 383ms
383ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2547486540128767&correlator=973596638289497&output=ldjh&eid=31064810%2C31063707&output=ldjh&gdfp_req=1&vrg=2022020701&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220210&iu_parts=21843165966%3A98238595%2CVoice_Media_Group_Dallas_Observer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&cdm=storyconsole.dallasobserver.com&bc=31&abxe=1&dt=1644477738395&lmt=1644477738&dlt=1644477737978&idt=396&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=1024&adks=3302078446&ucis=cvndonc4bvx4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&top=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=603120731.1644477738&ga_sid=1644477738&ga_hid=1691741688&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9bd7c996a75e5ab2b34f1dd5b6b4f99ec4efec335fe25e24960c93834cfc1515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10082
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://storyconsole.dallasobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36B7 6 KB
4 KB 149ms
47ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Feb 2022 07:22:18 GMT
expires: Fri, 10 Feb 2023 07:22:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
651 B 190ms
189ms Image
image/gif 44.240.108.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=08032bef-d1e5-461e-94ef-8ed61179a5f6&halo_id=0200j2q9gt07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.108.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 10 Feb 2022 19:22:18 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 525ms
171ms Script
text/plain 44.237.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=dd172df4e06a4f434de37dc1bcd9fdde&url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.47.166 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-47-166.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Feb 2022 07:22:19 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 310 KB
89 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df14864854909d86782fc3334090a8b53281c0ea098c1ac5a6a3611a505eb20c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90783
x-xss-protection: 0
pragma: public
x-fb-debug: 1zm6bF1XTqpMZAjOUZWSEqFyvF98+KUYTyPKSik1E9hPQ+kX/espUoOOLQnf2ZejlGCavSsH91Y+gOcAMajGjw==
x-frame-options: DENY
date: Thu, 10 Feb 2022 07:22:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 40ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Feb 2022 08:04:57 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 06:57:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Feb 2022 07:57:14 GMT

GET
H2 200 segments.js Show response
seg.ad.gt/api/v1/ 120 B
217 B 645ms
288ms Script
application/javascript 35.166.104.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=322&url=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.104.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-104-223.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 9e04695ad31a24a93957880684618c5194773e6d527b50cc365ad03b6e6c593c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: application/javascript

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
305 B 196ms
163ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200j2q9gt07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D08032bef-d1e5-461e-94ef-8ed61179a5f6
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2EBA 13 KB
10 KB 142ms
55ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08d9f5121954e70d706ddc1075d84b95590d475c510fba27ee86eb4c9eb02b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9797
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 13ms
13ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&rl=&if=false&ts=1644477738607&cd[partner_id]=322&cd[tagger_id]=dd172df4e06a4f434de37dc1bcd9fdde&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644477737822.1546281318&it=1644477737669&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 10 Feb 2022 07:22:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EBA 17 KB
7 KB 137ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 07:22:18 GMT

GET
H3 200 container.html Show response
2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C56 6 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020701.js?31064810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 07:22:18 GMT
expires: Fri, 10 Feb 2023 07:22:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBCB 13 KB
5 KB 89ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 07:14:08 GMT
expires: Fri, 10 Feb 2023 07:14:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5037 783 B
536 B 101ms
52ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed322afa968bb3664894ebff53ea23bbef0526851c6730440513fe5f9ec9d9d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QWVBQI4Nd1Gg0WWPEmwYsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Feb 2022 07:22:18 GMT
date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QWVBQI4Nd1Gg0WWPEmwYsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DDE0 624 B
733 B 139ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGPfn854BMAE&v=APEucNWo3IDL3-cPv8Tyo_lzQ0S6gouE18ytvpcM9pDSioeP2G_-myZZJM-NhwvPMvUVgOaup2kdV-Zy9lTPW12w4I-H1-rFgobJIAUwED1vGGn4T-YtiWsX7gb4b6R6Frcv5SqISJusMEap_6ZmxGW64nr2mCMlPGlJ1kHysiIwFi1HLxgqr0M

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 10 Feb 2022 07:22:19 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4C56 74 KB
31 KB 169ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cf-SIiSkNsaTzj5Wz_t0xIvIxyu2VGx1_hCfTJ26sRo6BrsogSpGOxuFDvpAiZcZ8Pbh1NfKspdRv0hgFbLo_g_DQNuEgsLsre9JtSlBdU5uOKU5IrjORkDrax-yrWocDc8cEVARPWr35sYp_tckkBBcc2Pg&dbm_d=AKAmf-D6bwZOC-_uF65oPAhAmdqhPDbwlYs7Q4RG9SPfHCP6nhlQ_q0N0Lx3YE9kMSzdRrnGscd-n46goBz-uPyIRPCZzz2nmcxh2pGg7hn2PArcFDo8moWfgfhLRmMWeuHRsXVLbg924g9TMsY_L3PcDdQdxxOh6CDvbiejBKijN3GC5UIiTt-uu3siUcs_EP1WZS2Y2oQrMVN88gGOR3XP9ee0Lsf8qwPBK4lkYIazuj7cKnT5P7DW7vnnzElNuau6lfdD5WQDkws9hWBE1GRKMLfvY6e7neggzDq1PBoxR2rpzGWrWMBq0faYErwG2zC8P6K8YzQfuVUv5B7Js-GqPHf0LxIwsXb0n0HrzaH1y7jXg6Qi-WskQDhHtIi9JPgw0XKK8FC0uaEWSWtlZy7pqq6uucP7fUxrBYI5Gb3Lw1jJU_IaU--6PEQah1V1tu25AgYZe8rVXGhz1NKbe9NPibIuw96RpRfnjvp3j1a1-8VqVpVtoLL1VWvi2s83n4AkFALROnX-nPnJ3SVlLuoZIW7pbnRAIIRd6NBhTw9hnSrzc73ZyGBVy8EJ7B2FR6ZSA91p4uXWjfJfRr6nxR__wBkSXh37sucCYiK_CJhk6hiJAEDwrvcRnGUDcZhCNrXwJDJ98FJBg-BZerZ0n5Vkh_M9FqzmuhfXnJihloM9DnRszh4AyxbqomQ9QsfE9z1v1tAOTsPLDWBH2v9NIq1gTXHd3fR8zYE10T5dlgilxsT95JFKdmEHEmKMD9Kd5Ad1nUURJy8Bt4M_NQ1MKQOQ5xSVO35BSDthsK38yY3MomZtG71raBtWXLQh_AYFrAlMkyIJe_Vb0d03MW20apKkc-NYEcrBaTewqmFN8xsnr2wJU1XzdMNmwThIk7rjV63aVYCvU0zERXEktJ4ffw5A4xF0um4RtKgDHM5YP6aGaIRF3rX2IW_pe4qIifvX5lLPw2zf9IOR_43ZsJ1cbV9koqqjCaj9KFE164S4Q8C4Nl-mJhm_awDt0svMmqU6dR7KoP0NQLAVx42s5oY5JD9FAX5Vgm235h7GB4C4EFbreltYX-OmwzN2YnFasAN4biBzBIEElOO910fvLEyBGwlE-GCN4KnbwIZ2PF6YwMZBbrKGqMd5Cd06u-MA0h6tkhYEhzklhMu01to0Z5t7VKiOLrMBJVF7CH636XffnP2c2YRkIiFLFI1SmbZGQDR66y0J_PHH3FHaWn6-ZdxDH7lK21IyPnXb6nwFuah1LmfVKtyH3gsrvz2hca8FOiqnAa1Yyrqtr72ihxaRJ3SKbDOizRvew0E19b1QZDRRlSJwXex8W_CfPj0frrjfjdX6aEGWcx8cf7STbPlX01YafCIczOqpBe-ifDURgIDcbIljjtNbHEVrCZzzrnUdFJaUpR7VMimTCPQ7YANtVu6aW1dzUvn7UmD7DfiqUjttCB-vDokl1tLF3YCeMaplDeobm6YIQrZrXrDISSHadchxgC2dxYJgKWH2UbQDRiDL0NAa4BF5wvRHUrQNqlktgs4MzDwGgCl5Vnxa0Ahb086uXL8xCT9LGOCHGO8AXK05K_tR1rQFAH3dYb4IlhG7eo8zxELDxtUD-Aq2PISVpX-FdE0nzw8qRwDexd6UQAiZa4n9_iEJhl51N7-Fd51BPXGgq-mXutJHWzZ24d9TrPfuYIvnutGxFdZlZaXA8GZ8wu5H96tjyHf5wGy3cFbxyMPGXNfIaSJVMw-C-o9A0eOTeXDO_UmU6CTBlRtp0ep6AlaH6QPSUEkWJ1qeGaFIe2Z4TaRuVLHup8atiDUgDVc3y2wIevUHpW3b3abTJeVwgK6_FCfgotg_SPEzNzoKT2ktQQE0PJXxCKDYwT3SJ3QuUWILVvBvC0tr7emev45Iwmxcw9IVW-GV2HRXWLG61BUfYM1c32hsQzV5P4KuwZrIvZLmRLcgHD8HWZgyGISGsRBdhp7vTxd4bzpi4hiS7pJPTxZYhNa1u5HFBvWgKL2ozSMsdDFEtG_Osgm7J_y4RZrML9CrApvlMr4RlP30kD_R_mA2VHeSggfuLOA4C8Fo_ytoDuKL5G4OZmZLiVJ-mCWR5wcwlDNIWklINA_BOccOzXpmTIZ2_Pdki3ruXtxZ3lwlRfaeK_m6CHia9nQNt7B8A8d4X-mRXK0mAcBWY6gPjT8-B1JhqXISpb1a5xnhtfOIJDNQMEOhC0iUASpiHZwoY09kX8HKBVvtxLDpenuBlROju_pSKOL_bq0lzbVa9_KNtIkzQZUrIGpeqGgeuAhUBVV79NFDbPqUciBPKKM7SGhHSMLWx8Jdxm4tfec6WMwTLbUKUQLJciAzm4RRlonzcGGWexQ19Pb-GVr8qlRMtRnC4ryJn2oemOnwpxULM9czhVqQTJy0hPZX0lJTkNMVhEKC_5BBVt3IYKSvr0P8FP84ySCKBYl8ZnUtVc5Wa7VfJjNmzmiFwIxPY0yfKC6TmuJOtP3DOmntaGXpcVwdnYFkVEak5ILF0l8OhVntSiJAOPbctC9XaRWhtbpH4NUn0RLstNAQ0AXDnf7urna1suXaeJe-wcYaV3ayb4r36CtuwaQ9BpWSmE2nK_cNbnhYunPfbAPqHifPEkwNOmhyVzIm5bYl5o_OXcsTwiZZ6Au9XKXms5erCMVoDz0b8GBzZtp2PzXGfZwPH79o4eF24RkHwRnz7MyI_bryEAB7jKdqJAhLr87gP1U06KcGxaroJAZTZ33OmZBon4G6SJdIu_Ye8zQ5sgeAWIS36q6qt8PL6qAOVTVg72aKPvcDno4nvqBH35WljkTZB-JOFFWZfgJxP0FvxCl2CJAptRRM_HhFymcmpVOF8X7mC36xpyKQegmVeQdGCe-t7U8fI4Uwh1Ddf-Izv846EhzfDtAgmTJh-M5Z0TV80DT5TbnjNP7_jbpNcIV67BiEEjF0FfApnbxXq5pfqOPfFBfIUfVNwBLpASTOHXdotAlClh0Xi3bgMDPaTsuMttgbZdgaC9eCjA7MqJl_t92Xft9PcXXRklnJQN6BqXdSeARTja6g3Lk8zHX52c3Xp2K3C7egXYsNEsVkni6hA08nsG8lwrXrgHEBLcNSnReIgOguFvl2htneS_N0UCJxyujnuCVJsD9k5gFvQ3bnIqdgMGvOxfwIj3zIGQ14p5cN3jjRry9A_CObJCtSAtBeZls7aio3jvGGWPUqFgAr4gbl1lYHW5dZJiXn_I6Au1CA6G2bbx1vPmu0RvY5wYw66bpfZmRxCWcBOtS_5gkxUMyLRuoIZJ3UCOT2NNdZBu_PDF-cYUBy_0DRl6cn90I1-8weVu6ls8q19Pm3BBX69RddPqeRPBhZ7E9J9jUWqoRPdWgqnAt8-ABLkEq2VCeFKydxAMnQmVarqjJz6C3W_MaNf9tzrgUA6vCnBH_twIXXotspBoFC9C-Taq6mzmNFOFDKY6TbM32sYB8zQnZddZbCsiEmB3lVnikLeOckl1xMjA&cid=CAASEuRoKvLfKEt5LXwx08Hue4JA1w&rfl=2%2Chttps%253A%252F%252Fstoryconsole.dallasobserver.com%242%2Chttps%253A%252F%252Fstoryconsole.dallasobserver.com%252F%240

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53adbf926eb057bbc47dd38768774f6d1f6d7d5d90b98ada743b2ab038e367d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31922
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C56 42 B
63 B 114ms
69ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ack22pT6FQVafEhSMzw4f2Le1cCvp1mfxisIYZIN3Yb_6fX9kS5qSVYy1sa6Y6XmidZzppkqSp_u4tTG3XXS17SGN3xRlX5IknlnlwLdccPFLOMn0

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 4C56 2 KB
1 KB 84ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 06:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 06:25:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C56 124 KB
38 KB 138ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 07:22:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/ Frame 4C56 15 KB
6 KB 77ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 07:10:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4C56 0
0 85ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5GK0yCvp-7-H5aevQR-T-GX2WcQdkQpnsPOwWqJJVi_SkpkcgLnjB18Jws-RzNrmTba8YnxfRuLXKePpP9y3qLEeXmA
Requested by: Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 SGqKhU7YX_r4svqgMep210vmvQGTbsYkpFPBiqERxpE.js Show response
pagead2.googlesyndication.com/bg/ Frame DBCB 35 KB
13 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SGqKhU7YX_r4svqgMep210vmvQGTbsYkpFPBiqERxpE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486a8a854ed85ffaf8b2faa031ea76d74be6bd01936ec624a453c18aa111c691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 20:22:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5037 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020701&jk=2547486540128767&rc=
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 953C 0
857 B 10ms
10ms Ping
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKsCnwsBQAAAwDWAAUBCKn6kpAGENrwsPWEvJCqfRgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCbBEQDC7gJYGOMNGQMNGSAJQ4La9ogFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIFBvBSmAHQD6ABhAeoAQGwAQC4AQHAAQPIAQLQAQDYAQDgAQDwAQCKAlh1ZignYScsIDI5Njg0ODQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgOTY0Njc1LCA-HAAwcicsIDM0MDc0NTA1NjY7APBpkgL5AyFLVXZBWkFpcHpONFlFT0MydmFJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx1QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JBQUFBQQUEDERCQVEFCQUBPHlRRVJqNFdZcjdEd1A5a0IFFTRBQUE4RF9nQWNQd092VQkUKEpnQ0FLQUNBTFVDASAIQUwwCQjwTE1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRNeE51QUR5eTJBQkFDSUJBQ1FCQUNZQkFIQkJBBVoFAQR5UR2lGE5nRUFQRUUFGQUBIENJQmNRcHFRVQUOHEFBRHdQN0VGDQ0BEARCQh0_AHkVKAxBQUFOMigAAFouKACoNEFVQThBV1pwSkFJLUFXa2w3VUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RWQFKCQEkS2dHQXJJR0pBawkQAQEAQh2rBEJrARIJAQBDHRhETGdHSmcuLpoCmQEhNGdfbXlnOv0BKEtIcldpQUVLQUF4CT4FAQA2MkkBEGtETExVEWEMRHdQMR1hAEYRGAxBQUFHHRgARx0YAEgdGBBIZ0FpUR0Q8O1BLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV3gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyRngAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBBAIABABGNAPIIQHKAAwADgCuAQAwAQAyAQA0gQOOTAyNyNGUkExOjUzMTbaBAIIAeAEAfAE4La9ogGIBQGYBQCgBf___________wHABQDJBQAAgTsQ8D_SBQmVcmjYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYBLTAAAPA_0AbgLtoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4vwZAAMgH4tYF0gcNFXQBOAjaBwYJJ0TgBwDqBwIIAPAHi78BiggCEAA.&s=d015b5142204cbe2b1fca41005c46b9d25be3375&type=pv&jm=1003&px=-200&py=0&bw=2000&bh=900&sf=0.8&sid=6497263101027708598&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12943419&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e83e37bf-ba5d-4515-abe5-b68f79558432
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://storyconsole.dallasobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DDE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&C=1

43 B
1014 B

52ms
52ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGPfn854BMAE&v=APEucNWo3IDL3-cPv8Tyo_lzQ0S6gouE18ytvpcM9pDSioeP2G_-myZZJM-NhwvPMvUVgOaup2kdV-Zy9lTPW12w4I-H1-rFgobJIAUwED1vGGn4T-YtiWsX7gb4b6R6Frcv5SqISJusMEap_6ZmxGW64nr2mCMlPGlJ1kHysiIwFi1HLxgqr0M
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Feb 2022 07:22:19 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 10 Feb 2022 07:22:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DDE0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgS9K0KtUv5.lodl3shMvAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&google_hm=2

43 B
894 B

33ms
32ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGPfn854BMAE&v=APEucNWo3IDL3-cPv8Tyo_lzQ0S6gouE18ytvpcM9pDSioeP2G_-myZZJM-NhwvPMvUVgOaup2kdV-Zy9lTPW12w4I-H1-rFgobJIAUwED1vGGn4T-YtiWsX7gb4b6R6Frcv5SqISJusMEap_6ZmxGW64nr2mCMlPGlJ1kHysiIwFi1HLxgqr0M
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Feb 2022 07:22:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPRq8IzSKA3Y0l1dtWPVmKU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DDE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFBjNOAHDyooDaqNAAeT-k4&google_cver=1

43 B
1020 B

11ms
11ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFBjNOAHDyooDaqNAAeT-k4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD70OkBGPfn854BMAE&v=APEucNWo3IDL3-cPv8Tyo_lzQ0S6gouE18ytvpcM9pDSioeP2G_-myZZJM-NhwvPMvUVgOaup2kdV-Zy9lTPW12w4I-H1-rFgobJIAUwED1vGGn4T-YtiWsX7gb4b6R6Frcv5SqISJusMEap_6ZmxGW64nr2mCMlPGlJ1kHysiIwFi1HLxgqr0M

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e93e2c8-1e40-4a6a-96c8-64ac2dd6d800
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFBjNOAHDyooDaqNAAeT-k4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DDE0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NzM5ODgyNzMwNzY2ODM0MQ%3D%3D

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NzM5ODgyNzMwNzY2ODM0MQ%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b2186e42-c409-43d5-8556-ad59644e07ab
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI4NzM5ODgyNzMwNzY2ODM0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 2EBA 0
857 B 10ms
10ms Ping
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&e=wqT_3QKrCnwrBQAAAwDWAAUBCKn6kpAGEMfp7vCezuTmJRgAKjYJMwUBCMM_EQUIEDPDPxkABQEIREAhERIAKREJ0DEAAABAMzPjPzC8gJYGOMNGQMNGSAJQlPX5kgFYoetaYABonbJ0eOLWBYABAYoBA1VTRJIBAQbwVZgB2AWgAVqoAQGwAQC4AQHAAQTIAQLQAQDYAQDgAQDwAQCKAll1ZignYScsIDM5MzkyMjQsIDE2NDQ0Nzc3MzcpO3VmKCdpJywgMjc0MjEyNiwgMTY0Mh0ANHInLCAzMDgxODE2NTIsMjwA9A4BkgL5AyFWbFNrSUFpb3lwSVFFSlQxLVpJQkdBQWdvZXRhTUFBNEFFQUVTTU5HVUx5QWxnWllBR0RfX19fX0QyZ0FjQUY0QVlBQkFZZ0JBWkFCQVpnQkFhQUJBYWdCQTdBQkFMa0JsMEFLMFRNend6X0JBWmRBQ3RFek04TV95UUVxSmJ6UVhqUHVQOWtCQUFBQUFBQUE4RF9nQWU2dXB3SDFBUUFBQUFDWUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnSElBZ0hRQWdIWUFnSGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEdVa0V4T2pVek1UYmdBOHN0Z0FRQWlBUUFrQVFBbUFRQndRUUFBQQF-FEFBQU1rRQEHCQEURFlCQUR4FZ0oQUFBaUFYRUtha0YBDAEBFDhELXhCUQEKCQEId1FVCQkBAQBNGSgMQUFEUi4oAAAyLigAuE9BRm1IWHdCWXFaeGdUNEJaaTM4QUdDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCak16BQIsOE1fcUFZQnNnWWtDHYAARR0MAEcdDABJHQw4dUFZS5oCmQEhM2hHMWF3Ov0BKEtIcldpQUVLQUF4BWlkek16d3o4NkNVWlNRVEU2TlRNeE5rRExMVWsB4xxBQUFEd1AxRQEJCQEARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRD0KgFBLi7YArnhA-ACn_Ba6gI_aHR0cHM6Ly9zdG9yeWNvbnNvbGUuZGFsbGFzb2JzZXJ2ZXIuY29tL3NjL2FsdGFpLWJhbGFuY2UtcmV2aWV3gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDyRngAwDoAwD4AwGABACSBAYvdXQvdjOYBACiBA8xODUuMjEzLjE1NS4xNjaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA45MDI3I0ZSQTE6NTMxNtoEAggB4AQB8ASU9fmSAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4C7aBhYKEIWSHQFYEAAYAOAGAfIGAggAgAcBiAcAoAcBugcBt0wAGAAgADAAOL8GQADIB-LWBdIHDRV0AR4M2gcGCAUJROAHAOoHAggA8AeLvwGKCAIQAA..&s=69ef47affaaeca8739163c54b23b853d6d462cd7&type=pv&jm=1003&px=436&py=1024&bw=728&bh=90&sf=1&sid=6497263101027708598&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12943420&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Feb 2022 07:22:19 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b91c78e5-9d47-4fb0-9943-f5922d130b2f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://storyconsole.dallasobserver.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4C56 106 KB
38 KB 216ms
39ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
Origin: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 06:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Feb 2022 06:12:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/ Frame 4C56 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cf-SIiSkNsaTzj5Wz_t0xIvIxyu2VGx1_hCfTJ26sRo6BrsogSpGOxuFDvpAiZcZ8Pbh1NfKspdRv0hgFbLo_g_DQNuEgsLsre9JtSlBdU5uOKU5IrjORkDrax-yrWocDc8cEVARPWr35sYp_tckkBBcc2Pg&dbm_d=AKAmf-D6bwZOC-_uF65oPAhAmdqhPDbwlYs7Q4RG9SPfHCP6nhlQ_q0N0Lx3YE9kMSzdRrnGscd-n46goBz-uPyIRPCZzz2nmcxh2pGg7hn2PArcFDo8moWfgfhLRmMWeuHRsXVLbg924g9TMsY_L3PcDdQdxxOh6CDvbiejBKijN3GC5UIiTt-uu3siUcs_EP1WZS2Y2oQrMVN88gGOR3XP9ee0Lsf8qwPBK4lkYIazuj7cKnT5P7DW7vnnzElNuau6lfdD5WQDkws9hWBE1GRKMLfvY6e7neggzDq1PBoxR2rpzGWrWMBq0faYErwG2zC8P6K8YzQfuVUv5B7Js-GqPHf0LxIwsXb0n0HrzaH1y7jXg6Qi-WskQDhHtIi9JPgw0XKK8FC0uaEWSWtlZy7pqq6uucP7fUxrBYI5Gb3Lw1jJU_IaU--6PEQah1V1tu25AgYZe8rVXGhz1NKbe9NPibIuw96RpRfnjvp3j1a1-8VqVpVtoLL1VWvi2s83n4AkFALROnX-nPnJ3SVlLuoZIW7pbnRAIIRd6NBhTw9hnSrzc73ZyGBVy8EJ7B2FR6ZSA91p4uXWjfJfRr6nxR__wBkSXh37sucCYiK_CJhk6hiJAEDwrvcRnGUDcZhCNrXwJDJ98FJBg-BZerZ0n5Vkh_M9FqzmuhfXnJihloM9DnRszh4AyxbqomQ9QsfE9z1v1tAOTsPLDWBH2v9NIq1gTXHd3fR8zYE10T5dlgilxsT95JFKdmEHEmKMD9Kd5Ad1nUURJy8Bt4M_NQ1MKQOQ5xSVO35BSDthsK38yY3MomZtG71raBtWXLQh_AYFrAlMkyIJe_Vb0d03MW20apKkc-NYEcrBaTewqmFN8xsnr2wJU1XzdMNmwThIk7rjV63aVYCvU0zERXEktJ4ffw5A4xF0um4RtKgDHM5YP6aGaIRF3rX2IW_pe4qIifvX5lLPw2zf9IOR_43ZsJ1cbV9koqqjCaj9KFE164S4Q8C4Nl-mJhm_awDt0svMmqU6dR7KoP0NQLAVx42s5oY5JD9FAX5Vgm235h7GB4C4EFbreltYX-OmwzN2YnFasAN4biBzBIEElOO910fvLEyBGwlE-GCN4KnbwIZ2PF6YwMZBbrKGqMd5Cd06u-MA0h6tkhYEhzklhMu01to0Z5t7VKiOLrMBJVF7CH636XffnP2c2YRkIiFLFI1SmbZGQDR66y0J_PHH3FHaWn6-ZdxDH7lK21IyPnXb6nwFuah1LmfVKtyH3gsrvz2hca8FOiqnAa1Yyrqtr72ihxaRJ3SKbDOizRvew0E19b1QZDRRlSJwXex8W_CfPj0frrjfjdX6aEGWcx8cf7STbPlX01YafCIczOqpBe-ifDURgIDcbIljjtNbHEVrCZzzrnUdFJaUpR7VMimTCPQ7YANtVu6aW1dzUvn7UmD7DfiqUjttCB-vDokl1tLF3YCeMaplDeobm6YIQrZrXrDISSHadchxgC2dxYJgKWH2UbQDRiDL0NAa4BF5wvRHUrQNqlktgs4MzDwGgCl5Vnxa0Ahb086uXL8xCT9LGOCHGO8AXK05K_tR1rQFAH3dYb4IlhG7eo8zxELDxtUD-Aq2PISVpX-FdE0nzw8qRwDexd6UQAiZa4n9_iEJhl51N7-Fd51BPXGgq-mXutJHWzZ24d9TrPfuYIvnutGxFdZlZaXA8GZ8wu5H96tjyHf5wGy3cFbxyMPGXNfIaSJVMw-C-o9A0eOTeXDO_UmU6CTBlRtp0ep6AlaH6QPSUEkWJ1qeGaFIe2Z4TaRuVLHup8atiDUgDVc3y2wIevUHpW3b3abTJeVwgK6_FCfgotg_SPEzNzoKT2ktQQE0PJXxCKDYwT3SJ3QuUWILVvBvC0tr7emev45Iwmxcw9IVW-GV2HRXWLG61BUfYM1c32hsQzV5P4KuwZrIvZLmRLcgHD8HWZgyGISGsRBdhp7vTxd4bzpi4hiS7pJPTxZYhNa1u5HFBvWgKL2ozSMsdDFEtG_Osgm7J_y4RZrML9CrApvlMr4RlP30kD_R_mA2VHeSggfuLOA4C8Fo_ytoDuKL5G4OZmZLiVJ-mCWR5wcwlDNIWklINA_BOccOzXpmTIZ2_Pdki3ruXtxZ3lwlRfaeK_m6CHia9nQNt7B8A8d4X-mRXK0mAcBWY6gPjT8-B1JhqXISpb1a5xnhtfOIJDNQMEOhC0iUASpiHZwoY09kX8HKBVvtxLDpenuBlROju_pSKOL_bq0lzbVa9_KNtIkzQZUrIGpeqGgeuAhUBVV79NFDbPqUciBPKKM7SGhHSMLWx8Jdxm4tfec6WMwTLbUKUQLJciAzm4RRlonzcGGWexQ19Pb-GVr8qlRMtRnC4ryJn2oemOnwpxULM9czhVqQTJy0hPZX0lJTkNMVhEKC_5BBVt3IYKSvr0P8FP84ySCKBYl8ZnUtVc5Wa7VfJjNmzmiFwIxPY0yfKC6TmuJOtP3DOmntaGXpcVwdnYFkVEak5ILF0l8OhVntSiJAOPbctC9XaRWhtbpH4NUn0RLstNAQ0AXDnf7urna1suXaeJe-wcYaV3ayb4r36CtuwaQ9BpWSmE2nK_cNbnhYunPfbAPqHifPEkwNOmhyVzIm5bYl5o_OXcsTwiZZ6Au9XKXms5erCMVoDz0b8GBzZtp2PzXGfZwPH79o4eF24RkHwRnz7MyI_bryEAB7jKdqJAhLr87gP1U06KcGxaroJAZTZ33OmZBon4G6SJdIu_Ye8zQ5sgeAWIS36q6qt8PL6qAOVTVg72aKPvcDno4nvqBH35WljkTZB-JOFFWZfgJxP0FvxCl2CJAptRRM_HhFymcmpVOF8X7mC36xpyKQegmVeQdGCe-t7U8fI4Uwh1Ddf-Izv846EhzfDtAgmTJh-M5Z0TV80DT5TbnjNP7_jbpNcIV67BiEEjF0FfApnbxXq5pfqOPfFBfIUfVNwBLpASTOHXdotAlClh0Xi3bgMDPaTsuMttgbZdgaC9eCjA7MqJl_t92Xft9PcXXRklnJQN6BqXdSeARTja6g3Lk8zHX52c3Xp2K3C7egXYsNEsVkni6hA08nsG8lwrXrgHEBLcNSnReIgOguFvl2htneS_N0UCJxyujnuCVJsD9k5gFvQ3bnIqdgMGvOxfwIj3zIGQ14p5cN3jjRry9A_CObJCtSAtBeZls7aio3jvGGWPUqFgAr4gbl1lYHW5dZJiXn_I6Au1CA6G2bbx1vPmu0RvY5wYw66bpfZmRxCWcBOtS_5gkxUMyLRuoIZJ3UCOT2NNdZBu_PDF-cYUBy_0DRl6cn90I1-8weVu6ls8q19Pm3BBX69RddPqeRPBhZ7E9J9jUWqoRPdWgqnAt8-ABLkEq2VCeFKydxAMnQmVarqjJz6C3W_MaNf9tzrgUA6vCnBH_twIXXotspBoFC9C-Taq6mzmNFOFDKY6TbM32sYB8zQnZddZbCsiEmB3lVnikLeOckl1xMjA&cid=CAASEuRoKvLfKEt5LXwx08Hue4JA1w&rfl=2%2Chttps%253A%252F%252Fstoryconsole.dallasobserver.com%242%2Chttps%253A%252F%252Fstoryconsole.dallasobserver.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 07:01:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/ Frame 4C56 24 KB
9 KB 41ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220208/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9577
x-xss-protection: 0
server: cafe
etag: 11201793935764353180
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Feb 2022 07:14:17 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=Microdata&dl=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&rl=&if=false&ts=1644477739130&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results%22%2C%22meta%3Adescription%22%3A%22Altai%20Balance%20is%20mainly%20created%20to%20protect%20people%20from%20diabetes%20and%20pre-diabetes%20or%20anyone%20who%20wants%20to%20keep%20sugar%20levels%20in%20control.%20Altai%20Balance%20is%20a%20supplement%20that%20includes%2019%20ingredients%20that%20are%20healthy%20for%20maintaining%20sugar%20levels.%22%2C%22meta%3Akeywords%22%3A%22Dallas%20news%2C%20Texas%20news%2C%20Dallas%20events%2C%20Texas%20events%2C%20Dallas%20Observer%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review%22%2C%22og%3Asite_name%22%3A%22Dallas%20Observer%22%2C%22og%3Atitle%22%3A%22Altai%20Balance%20Review%3A%20Customers%20Revealed%20Shocking%20Results%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmedia2.dallasobserver.com%2Fdal%2Fimager%2Fu%2Fslideshow%2F12524864%2Faltai-balance-800x427.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221524%22%2C%22og%3Aimage%3Aheight%22%3A%22813%22%2C%22og%3Adescription%22%3A%22Altai%20Balance%20is%20mainly%20created%20to%20protect%20people%20from%20diabetes%20and%20pre-diabetes%20or%20anyone%20who%20wants%20to%20keep%20sugar%20levels%20in%20control.%20Altai%20Balance%20is%20a%20supplement%20that%20includes%2019%20ingredients%20that%20are%20healthy%20for%20maintaining%20sugar%20levels.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644477737822.1546281318&it=1644477737669&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 10 Feb 2022 07:22:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DBCB 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6ylyDg
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C56 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 15:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Feb 2023 15:11:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 848F 1 KB
749 B 42ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Wed, 09 Feb 2022 13:26:12 GMT
expires: Thu, 10 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 64567
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4C56 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17983e7741142e289b0b4810f22917e615cc409dc84e40127d599fb6ec748f8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 947A 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Feb 2022 15:11:50 GMT
expires: Thu, 09 Feb 2023 15:11:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 58229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 848F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPGHKaqVx89SKeqPtm3LMYk&google_cver=1&google_push=AYg5qPLx54-dV4nyrV-VYt19snkQ3U53I2xhOcguK-YULdvEug4Wba31aXO1xFWBzDQjEJPTiXtpI5bsWoGUmQTxN_h66yPmCrId2Q
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODcwNTYzNTg2MDQ4NTIxMjA2Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPGHKaqVx89SKeqPtm3LMYk&google_cver=1

43 B
398 B

38ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPGHKaqVx89SKeqPtm3LMYk&google_cver=1
Requested by: Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPGHKaqVx89SKeqPtm3LMYk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 848F 0
104 B 192ms
32ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECVE9azsdRSEUNYlqhTHi9E&google_cver=1&google_push=AYg5qPL3e6-qeWUHevKDvvnfNh8vWCSRGTVA0UKLFhtUDtcUrisLrGd6AYTk8RMBU3c1ie2XT_p8jftZec49TQ0LHeTOTZW06YxV7A
Requested by: Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3HQqFVDaa1XoPdmJLZELs&google_push=AYg5qPJj2ak-KgiIJ6JITb0L7Z8a99C5AnpmeS3mhgC4dCTyHL71s0ZOXb...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3HQqFVDaa1XoPdmJLZELs&google_push=AYg5qPJj2ak-KgiIJ6JITb0L7Z8a99C5AnpmeS3mhgC4dCTyHL71s0ZOXbo9T4mNbLValGC3JhN-S4uCzXt1AxB4bGzzFnNuBSqg

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1644477739.390574,VS0,VE92
x-served-by: cache-hhn4047-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEM3HQqFVDaa1XoPdmJLZELs&google_push=AYg5qPJj2ak-KgiIJ6JITb0L7Z8a99C5AnpmeS3mhgC4dCTyHL71s0ZOXbo9T4mNbLValGC3JhN-S4uCzXt1AxB4bGzzFnNuBSqg
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECMOiwf1SNIpFm-9f6XbScU&google_cver=1&google_push=AYg5qPJZFncItZUozjbCDpYYWRJYWkalq3DPY6xu-Hs7FErlf3x9fOjgSE7AVHlL1Sl-AE-AEjw2d27bmKA6v7Uv35W8xRz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJZFncItZUozjbCDpYYWRJYWkalq3DPY6xu-Hs7FErlf3x9fOjgSE7AVHlL1Sl-AE-AEjw2d27bmKA6v7Uv35W8xRzj5dJtGw&google_hm=NzQ0MzAwMTgyNzAzNDU4...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJZFncItZUozjbCDpYYWRJYWkalq3DPY6xu-Hs7FErlf3x9fOjgSE7AVHlL1Sl-AE-AEjw2d27bmKA6v7Uv35W8xRzj5dJtGw&google_hm=NzQ0MzAwMTgyNzAzNDU4MzI4Mg%3D%3D

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 10 Feb 2022 07:22:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJZFncItZUozjbCDpYYWRJYWkalq3DPY6xu-Hs7FErlf3x9fOjgSE7AVHlL1Sl-AE-AEjw2d27bmKA6v7Uv35W8xRzj5dJtGw&google_hm=NzQ0MzAwMTgyNzAzNDU4MzI4Mg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WwrK9aldSkaNfEMUh7RSiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WwrK9aldSkaNfEMUh7RSiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIhD2iowN5JoBrk1gxCt8XCTnpjMi-IcJoAVcACFqVPih31BXCQWb4pJc2hIgRy_qut5Er1W2NDfwqVCMTG66L7rtOhJROQEw

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WwrK9aldSkaNfEMUh7RSiA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIhD2iowN5JoBrk1gxCt8XCTnpjMi-IcJoAVcACFqVPih31BXCQWb4pJc2hIgRy_qut5Er1W2NDfwqVCMTG66L7rtOhJROQEw
date: Thu, 10 Feb 2022 07:22:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 848F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA-GzQR2jb3NMGkhQBoiUR8&google_cver=1&google_push=AYg5qPJ0qphi3fiqgGGwptNgtJzwD7yVPulk7cXPWL2SSXdX2FRvog9Nu17KLGi-oxlKy-W8kkX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHTkw0TEktMTUtRDAwQw==&google_push=AYg5qPJ0qphi3fiqgGGwptNgtJzwD7yVPulk7cXPWL2SSXdX2FRvog9Nu17KLGi-oxlKy-W8kkXZVkVfL4ByXRkzsETCumqslfwOXQ

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHTkw0TEktMTUtRDAwQw==&google_push=AYg5qPJ0qphi3fiqgGGwptNgtJzwD7yVPulk7cXPWL2SSXdX2FRvog9Nu17KLGi-oxlKy-W8kkXZVkVfL4ByXRkzsETCumqslfwOXQ

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pHTkw0TEktMTUtRDAwQw==&google_push=AYg5qPJ0qphi3fiqgGGwptNgtJzwD7yVPulk7cXPWL2SSXdX2FRvog9Nu17KLGi-oxlKy-W8kkXZVkVfL4ByXRkzsETCumqslfwOXQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 848F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlM...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 848F 0
12 B 45ms
44ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kyj9WupL-tk8gCi-H5p_LhQ279OWnlKZGupNB85h2Eja0-ICIiQk1Pp7siX2NR7nBifouZ

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 07:22:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 SGqKhU7YX_r4svqgMep210vmvQGTbsYkpFPBiqERxpE.js Show response
pagead2.googlesyndication.com/bg/ Frame 947A 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SGqKhU7YX_r4svqgMep210vmvQGTbsYkpFPBiqERxpE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486a8a854ed85ffaf8b2faa031ea76d74be6bd01936ec624a453c18aa111c691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 20:22:03 GMT

GET
H3 200 728x90%20deDE.html Show response
s0.2mdn.net/sadbundle/10250530564910116944/ Frame 367B 6 KB
2 KB 96ms
40ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf660aac77b23f14200202326b9bdf3106a169c7ab3e5a0fa25bc21c0e1db41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2291
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 16:46:04 GMT
expires: Tue, 07 Feb 2023 16:46:04 GMT
cache-control: public, max-age=31536000
age: 225375
last-modified: Fri, 17 Dec 2021 00:17:46 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C56 0
571 B 182ms
89ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshlyDboX6NSD_1HMwm6hM0u86MXlDOC78y84lRpc-e_jq2ZqoIWgL3kuKOlIrUjSso_Sry3p7Pb3BWK7icftQ7APW7hdoOpUEzSHNcay9NKiRPTWoiAJIjmlzw3lZBnjT_kxjotYbq7yG8T84LIu4QzhAAgDGthaNbXsvV1eW3HxhOpT91oivvJFPul8xpihQPdLYJoeUD0wY5fLApcXWYuNOW_Q3u4wOb33Ceyes-T1C8vWdVnTVT5lg0ky0g__BhPuQqXcr5HKTtBACRNcplbbG7VAopk-Pv8n-yAzHsCBo6DOOm5do-JeS19D36ErKj2gFk4GINrpke-XDnU4Qc9E4pzp5uT0dl5QS6KpXOnwE1mWO5GwjH7AGjkaSAMp3VUxtlomGKyj7geNEC3jiVbvtfvbH4MxQ9YdZBh_kKaRCaYjZMSVuANgsFDrV1LiST06sbjbM7O-m4oBD9tPcUY-I2M9i3brL_HG8R6FiRGISrgcPoEOefMiSxYXCHEiIiUOlf4qO6O4YJP4BYsGcGQW20urv8njQaYJ4jT8IC9T2-nS1GBsUAtVZt67s_6ZkE2anlQPaYKgIKTal7IwDUEK91i3fT9Xwn2fkj3yby3NRVVzQS2VeUzhQwocXj-0idyi77gyjJwOswLGuvsBypG-GafSLtJldKgp_m-tnEfGyXLayp3gPpifTRfUqGgxEAtgnog25dDbhkFB-LjAyrr2uS3hIQE13zIbzAjPB8XC4FmqdfW8lq1VMWGVbgQHSYyGViTI4rrBf6mqA-U90Ebge9-vbYqtAyjFwRJKnWYE4noBXzIiBNv9gZfOZfdxl56OeM8V0peJ6oSz6yoymo0-N8QDtsGTcjJEJ-l5Ziha5WfSfUgYzgcGrFPXWzpMJHeQSG1zLV3ZKSwKrFfULr_4pEEbq5U6ODe1D76mqh-rFPbAefM0KqIj6vD-G3Gen0XgOqBOrxc65VROy7DGMGP4FUB9f6g7N8UXw4TnKqVJH0Ir5pi5NecPkg5IPbR3BlvgY2sbc3fphDTDfhQgtNMdks5VLZnUFNjbUDGEEGbDokBUjDjeE-Ufn1BkSBgSP8VoM9nn-BqRfysRGeTA1cPo3PjbRf0p1drUxyB5j73e9FJ5Q6OQSbGWz5hYLvJwoXh331SgHxyzsLNLlJFupRd5Ac_Y_wwq1yDrY2sI3m9Tba6Uy2PqFUQjUH_c83F0z_M4qZ90EhsHqw6_pG4CEtfywMI6XB3PRoaRdgP9caJ9Et5lipiMULLgSjRkCNcWwx1KMoxxu6JWKqClpBNUCUDF1VD13L38Y_Xd1J20cYd_Id0qwwlZTUvNqMrfKVqf2-P6rmXkRYPuq0Qw&sai=AMfl-YS31HfX47MAXvzE3pRAVuotHOwhdiCS4KHUhLhEmhQUg6jLzu9OdetP36yehbF09qehe9xs0g8Wn6fQ68SHpVtgc3Z5lKmd0mtwBZQ-mubRxgWei1J2yGAs0AoEwp6Xa9CUtLnzMlnCuORwiMZsUuwfLJuolg&sig=Cg0ArKJSzNiuMaNw87_aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=278&cbvp=1&cstd=275&cisv=r20220208.72836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 10 Feb 2022 07:22:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 createjs.min.js Show response
s0.2mdn.net/sadbundle/10250530564910116944/libs/1.0.0/ Frame 367B 236 KB
63 KB 42ms
42ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10250530564910116944/libs/1.0.0/createjs.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64184
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:17:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 16:46:04 GMT

GET
H3 200 728x90%20deDE.js Show response
s0.2mdn.net/sadbundle/10250530564910116944/ Frame 367B 31 KB
7 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46ef68f36fc59867ed5729312644d55fa1171b81b7c56d60b02f7bafaaf0f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7424
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:17:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 16:46:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 947A 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9-CKK70EYq9a1JLeA67zlZgIAAAAADgB4AQC&bg=!JSalJmLNAAbS3PJy0tw7ACkAdvg8Wiyovl9-hs3y4g6-GhpgoEObNVlvnoaGr5bf7lQgykx8eZQlZwIAAACPUgAAAARoAQcKABiN8xmsqZted-ceL7UoJNmPqoFJPQ34MyOZAwgiJFISBx3mfZcq1-UWGZzcz3NqlITx7WRochDASNfiHmg6a7Q-8GstklxpLEFK312_f_cvF-Mz6WwgkotfIxaD7iVgh2W3R9m5r0SKxl_gmIwAwvt0tKXw8gQwNXZFbuS-uwvvSZ5WfwPXlf6_w2BAgNvP2KX97DzCzvU1wAT0YlruHCiSuD4Rku9LUXA0rBvybM0pkV4yKFC2vZbkmoCY-Dhuq3TyCGPDMrtaa9QBfnMDAYrFQ6hytoI0Hf4Fq2e8MO98pW9LC2dKUSvyQN31-8AB-TY8rbRN8DpD3bGhGLzsMaGU67opFPaHqhsEaFKiUUq-PIqsHcfCTkrLBbISPdgtB3SPfoDy1olfzWqa3D8VRWLJLuv0B7UfDu6ZfG1E40tjWzxEsaRNloEWRwDuYXjkRIJWqzFvt9LfDF0UhLqrijRLVhhcN6a6HBkr9PtmzewiM8oOrCCGtBfUIRffX5U9Bkc2J33mrSZOoyuk0s_qy-rgMMsWdsgKpoM3TfYoQw4VnQSPx4lWwYtmDkPXSnCUOYaVCGkbOzM5TezKX3ck-DIIxqDNR61Cw4WkITCxbBrvnnq1cbjPrn0qlcCEOhUF2W1w8JUpj4PovsHYxRH1GiwrFaWGYvjU7htihBtTdekhE5Fok_SPsVyVddjk7RQwqzn_wMrHyfAjjtc8TrYAuVsHt2-CsgBtJuDjOCIfl8leTaIZm769Lc_BcJNzgnSNUtE_wD3JgXFKAS_MrRwbxgxpWhTe1U82T0a5bb28Mi7SjPzJzRPW9BYBIA_JMoURg4Wv1-cuhKtgCkXGsOyunoqs6re9s00Xz4LZARsgcD2HzR_saL1k6F3a1BnDVS5a5srsd5ape1TH8vE-ENi3Aq6j28yYpTymMMlRxVC2fNnWmT_HzY3bWkm8G34gszaDcus2Hr6mW1ORoo-MY7xGiGE12BhAnksqiQJKCY5vtB3FLt157CmpNlhBFoGckNVP-A3kaZ2WLItu4mg6LqmwMDoANPgejWbHAk3Oz51etlBfq7B0wQ

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 728x90%20deDE_atlas_1.png
s0.2mdn.net/sadbundle/10250530564910116944/images/ Frame 367B 70 KB
71 KB 41ms
40ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10250530564910116944/images/728x90%20deDE_atlas_1.png

Requested by

Host: 2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
URL: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

693d7208dff9c33a6f3d7a4ea8ec4cf9aed02a151c4bc42d28e2bad64047072d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10250530564910116944/728x90%20deDE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:46:04 GMT
x-content-type-options: nosniff
age: 225375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72171
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 00:17:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 16:46:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4C56 0
23 B 124ms
76ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshlyDboX6NSD_1HMwm6hM0u86MXlDOC78y84lRpc-e_jq2ZqoIWgL3kuKOlIrUjSso_Sry3p7Pb3BWK7icftQ7APW7hdoOpUEzSHNcay9NKiRPTWoiAJIjmlzw3lZBnjT_kxjotYbq7yG8T84LIu4QzhAAgDGthaNbXsvV1eW3HxhOpT91oivvJFPul8xpihQPdLYJoeUD0wY5fLApcXWYuNOW_Q3u4wOb33Ceyes-T1C8vWdVnTVT5lg0ky0g__BhPuQqXcr5HKTtBACRNcplbbG7VAopk-Pv8n-yAzHsCBo6DOOm5do-JeS19D36ErKj2gFk4GINrpke-XDnU4Qc9E4pzp5uT0dl5QS6KpXOnwE1mWO5GwjH7AGjkaSAMp3VUxtlomGKyj7geNEC3jiVbvtfvbH4MxQ9YdZBh_kKaRCaYjZMSVuANgsFDrV1LiST06sbjbM7O-m4oBD9tPcUY-I2M9i3brL_HG8R6FiRGISrgcPoEOefMiSxYXCHEiIiUOlf4qO6O4YJP4BYsGcGQW20urv8njQaYJ4jT8IC9T2-nS1GBsUAtVZt67s_6ZkE2anlQPaYKgIKTal7IwDUEK91i3fT9Xwn2fkj3yby3NRVVzQS2VeUzhQwocXj-0idyi77gyjJwOswLGuvsBypG-GafSLtJldKgp_m-tnEfGyXLayp3gPpifTRfUqGgxEAtgnog25dDbhkFB-LjAyrr2uS3hIQE13zIbzAjPB8XC4FmqdfW8lq1VMWGVbgQHSYyGViTI4rrBf6mqA-U90Ebge9-vbYqtAyjFwRJKnWYE4noBXzIiBNv9gZfOZfdxl56OeM8V0peJ6oSz6yoymo0-N8QDtsGTcjJEJ-l5Ziha5WfSfUgYzgcGrFPXWzpMJHeQSG1zLV3ZKSwKrFfULr_4pEEbq5U6ODe1D76mqh-rFPbAefM0KqIj6vD-G3Gen0XgOqBOrxc65VROy7DGMGP4FUB9f6g7N8UXw4TnKqVJH0Ir5pi5NecPkg5IPbR3BlvgY2sbc3fphDTDfhQgtNMdks5VLZnUFNjbUDGEEGbDokBUjDjeE-Ufn1BkSBgSP8VoM9nn-BqRfysRGeTA1cPo3PjbRf0p1drUxyB5j73e9FJ5Q6OQSbGWz5hYLvJwoXh331SgHxyzsLNLlJFupRd5Ac_Y_wwq1yDrY2sI3m9Tba6Uy2PqFUQjUH_c83F0z_M4qZ90EhsHqw6_pG4CEtfywMI6XB3PRoaRdgP9caJ9Et5lipiMULLgSjRkCNcWwx1KMoxxu6JWKqClpBNUCUDF1VD13L38Y_Xd1J20cYd_Id0qwwlZTUvNqMrfKVqf2-P6rmXkRYPuq0Qw&sai=AMfl-YS31HfX47MAXvzE3pRAVuotHOwhdiCS4KHUhLhEmhQUg6jLzu9OdetP36yehbF09qehe9xs0g8Wn6fQ68SHpVtgc3Z5lKmd0mtwBZQ-mubRxgWei1J2yGAs0AoEwp6Xa9CUtLnzMlnCuORwiMZsUuwfLJuolg&sig=Cg0ArKJSzNiuMaNw87_aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=521&vt=11&dtpt=243&dett=3&cstd=275&cisv=r20220208.72836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Feb 2022 07:22:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EBA 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020701&jk=2547486540128767&bg=!iIuli8_NAAbS3PJy0tw7ACkAdvg8WkoBPgVtgTy8-PKUy4YwDqE7NTmtG6nculbuN-2RBECQICzNcgIAAACrUgAAAAJoAQcKAHvII4n-DyClFMH0Hqe0HQQ3KnRiPDGq8ILsoV9ZWnRIIK-4XI1OwHnTcjJRJ4qs0iQTE3tQxXgqmEFy3E170gru_tgPinHuilpgYTUd0TIgwwevX_gBba5b68ZcpnGXacSvuAM4MH2kWvZ_cOJ5z9D8RmO3QR83CbasM--ZAr6jSGj5dV68Vt_OdBw8T4AHH23zvaQ7qTBAWBI6gqUvuuLcC91mA_DKpe4z_EG8ZUwZU6FF12mmVULqtuGtsM4OuCUS97SXTirCDAob4sN_1BVBubAWddMKOIdU2kYoyAxn76kFYqInA7qZrtikAQSFEn5seK1jJU81AR-R4RApO_LzQ8AddnPU1Jwhn6jUOkqvfq8QajVVV-gdiMT8X9Luf8oSTzOR3nP2sM_Q3pAEoryaSIW696hnXJRzaH5XGzp3zcKFH7DZLffGqJYnQi0bghw2IlQAwgGDpUPbOki4GJl3kVyahjluKnIPaH9WnGEejPUJqBdC5Znv77msY8nJMeAoIjlp5qkBAAMGOPpJRZ3Pgvjp2s-PYZD02a1k0Te-uewJl74_pJdqeLhsxiymPc9Qwib0oljzNc7jf4mdLWPV5m7Gm5MEDx_P13HV2629IKT2bziFJFcdTitX3GVQrZY6IxRNP5Ucb6pbzAd-mZeW2yxQ_2OmhiYgbcIytSEW6w5mVw7bQ9JX-1Dw4nBbSRKAPHfgHvKKZ-RCD_INu25JNWFe-bBn09hRmqRoBMzb7aFNUkWKcH8eJ9YPwCWYUuf8SVbKFgdkXk6xJWQoukRuYedmhC_5u94o5Wf9ZVb2xBh2FEO4XLt-rEjIoBr9Wn-aoAjjB_WTbczsVQDTYzefK1FZQrmqqCAJnvRhWVrrdSIaZWyFputvWoxKQGWo3o2vP0G_XHWwMwR50BogUwtsKgzBmFb1rX2ZEtPquFet62NT0J7oDrCy_Wc8Zyy-iLnvCFVY7wOutBpEhLKXWm8ioj7KdIEHYieE8ZOhztQz0qYWfg1Qn8-hG68l1K4bY12yTcE35Dj55YR9eeJkdGYMLaKFltUP2tL5JCFnpJwWx1DamgV_zVMnyQsNYvBYiWDld1wxet3Zga_-lvM

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4C56 42 B
64 B 104ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjofAp2Np-MIKLnJLyxUKUBuJqoFu3hCXlvKt1GwNgOyARvuf0d9eg0w48-Zd4ICnpV7cSLA87GHM7LiZccLwLpQVTg6ieig2w6AXTx2WXDv-ryepLaQ&sai=AMfl-YRRxRTbcZ4-H_Y6BkwHOeWmeSyKoz6uV_WHetnrBo0csZzsjZRdUQ-CD_GkVZb79ql-ARxPYDt7X1GgdpugBFojNtr4j1YFBli8yjIrYiFkT7dPjGKo3OuRUiB0&sig=Cg0ArKJSzL4_L6QcWqjPEAE&cid=CAASEuRoKvLfKEt5LXwx08Hue4JA1w&id=lidar2&mcvt=1000&p=1024,436,1114,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3302078446&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644477738798&rpt=415&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 07:22:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 2F63 0
181 B 41ms
33ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fstoryconsole.dallasobserver.com%2Fsc%2Faltai-balance-review&upid=07ypglr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

date: Thu, 10 Feb 2022 07:22:20 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 7601 2 KB
1 KB 32ms
31ms Document
text/html 108.157.4.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/604b996bca020f0010ead52b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-57.dus51.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

content-type: text/html; charset=utf-8
date: Thu, 10 Feb 2022 07:14:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: pbxdQ-nuzmou0Q3P-VKM9XDvogSZ48ia1nhWqj9wLpBdZCVgb3e1CA==
age: 457

GET
H2 200 / Show response
js.stripe.com/v3/ 277 KB
67 KB 74ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7661998b523fb9dbcc25f96240b579c061efd2d592b15cd40a31d6276d7c7de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 77
x-cache: HIT
content-length: 67788
etag: "a340cb7c78e9ad2ce79d3768684d296b"
x-request-id: 94b99aa1-f2e4-4224-b248-362e3abfaea0
x-served-by: cache-hhn4070-HHN
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 17:04:50 GMT
server: Fastly
date: Thu, 10 Feb 2022 07:22:20 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 106

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
234 B 99ms
99ms Fetch
text/html 54.164.46.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.46.147 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-46-147.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://storyconsole.dallasobserver.com/
key: 604b996bca020f0010ead52b
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://storyconsole.dallasobserver.com
date: Thu, 10 Feb 2022 07:22:20 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 316ms
98ms Preflight
application/json 54.164.46.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.46.147 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-46-147.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://storyconsole.dallasobserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 10 Feb 2022 07:22:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://storyconsole.dallasobserver.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

GET
H2 200 m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html Show response
js.stripe.com/v3/ Frame 23E3 240 B
527 B 6ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storyconsole.dallasobserver.com/

Response headers

last-modified: Thu, 27 Jan 2022 19:43:21 GMT
etag: "08a1fefa46cfc8cc94fc477ddcdb0555"
content-type: text/html; charset=utf-8
cache-control: max-age=31536000
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 10 Feb 2022 07:22:20 GMT
via: 1.1 varnish
age: 21
x-request-id: d79bfe04-70fd-49a6-a48c-4edb3538ad86
x-served-by: cache-hhn4070-HHN
x-cache: HIT
x-cache-hits: 24
vary: Accept-Encoding
timing-allow-origin: *
content-length: 140

POST
H2 200 csp-report
q.stripe.com/ Frame 23E3 0
356 B 552ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 10 Feb 2022 07:22:21 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-ebb7106827d6c64e55a93b6fe1303341.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 23E3 1 KB
771 B 7ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 21
x-cache: HIT
content-length: 645
etag: "5213886b88cd72e6d0aebc89868e5d13"
x-request-id: f7ead303-c59a-4e34-a815-de41a499c1bb
x-served-by: cache-hhn4070-HHN
access-control-allow-origin: *
last-modified: Thu, 27 Jan 2022 19:43:06 GMT
server: Fastly
date: Thu, 10 Feb 2022 07:22:20 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 67

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FF3D 932 B
2 KB 60ms
13ms Document
text/html 143.204.98.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-36.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 13 Jan 2022 18:40:12 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Thu, 10 Feb 2022 07:18:10 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kHAR5US_H44kegGMsouvC5MYdWhROK4tRX6Wo9ynBIqRzJqIdwfZwQ==
age: 252

POST
H2 200 csp-report
q.stripe.com/ Frame FF3D 0
131 B 475ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 10 Feb 2022 07:22:21 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame FF3D 0
130 B 475ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: storyconsole.dallasobserver.com
URL: https://storyconsole.dallasobserver.com/sc/altai-balance-review

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 10 Feb 2022 07:22:21 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame FF3D 85 KB
14 KB 10ms
9ms Script
text/javascript 143.204.98.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-36.fra50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 36
x-cache: Hit from cloudfront
date: Thu, 10 Feb 2022 07:21:45 GMT
last-modified: Thu, 13 Jan 2022 18:40:13 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: ibayWUtjHV9g6wZVffIkpFI76yhmPak8P1CRRw17iOa_HwS4zAkRqw==

POST
H2 200 6 Show response
m.stripe.com/ Frame FF3D 156 B
522 B 520ms
173ms XHR
application/json 52.25.233.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.233.186 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-233-186.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5dcfd1e1e1c0ea1b8934668a83bdc82dcb7adefb029bca3b435dd1d27a442c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 10 Feb 2022 07:22:21 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:11:28	Name: NID Value: 511=O8Icq_zmO0516mSFY0t4zz3umF2WcsAP28mxL6DamYHw2yLxDNcOh645RVBT44gG5T8ocSY0o5dtcJVNoWRQgYl_ySFVzhtkDvQX8vbgXmmp8Xzf47P5z6UM6hJ1Pl_-wJI8drqoBpWBBMtOPrHrj8-mnMhcBUP9lmRkzR86CPU
.storyconsole.dallasobserver.com/	1970-01-20 18:19:09	Name: _ga Value: GA1.3.603120731.1644477738
.storyconsole.dallasobserver.com/	1970-01-20 00:49:24	Name: _gid Value: GA1.3.1907910590.1644477738
.storyconsole.dallasobserver.com/	1970-01-20 00:47:57	Name: _gat Value: 1
storyconsole.dallasobserver.com/	1970-01-20 10:16:45	Name: _cb_ls Value: 1
storyconsole.dallasobserver.com/	1970-01-20 10:16:45	Name: _cb Value: CkwUTRP_w5uD4b0cd
storyconsole.dallasobserver.com/	1970-01-20 10:16:45	Name: _chartbeat2 Value: .1644477737757.1644477737757.1.C8do9RCROcsjWKXVJBhHaUFC2sw7h.1
storyconsole.dallasobserver.com/	1970-01-20 00:47:59	Name: _cb_svref Value: null
.storyconsole.dallasobserver.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.dallasobserver.com/	1970-01-20 02:57:33	Name: _fbp Value: fb.1.1644477737822.1546281318
.quantserve.com/	1970-01-20 10:18:12	Name: mc Value: 6204bd29-cd1c5-fcede-91eca
.dallasobserver.com/	1970-01-20 10:12:26	Name: __qca Value: P0-1460932940-1644477737830
.adnxs.com/	1970-01-20 02:57:33	Name: icu Value: ChgIrIpIEAoYASABKAEwqfqSkAY4AUABSAEQqfqSkAYYAA..
.adnxs.com/	1970-01-20 02:57:33	Name: uuid2 Value: 5287398827307668341
.ad.gt/	1970-01-20 18:19:09	Name: au_id Value: 08032bef-d1e5-461e-94ef-8ed61179a5f6
.ad.gt/	1970-01-20 00:49:24	Name: au_idmatch Value: {"apn": "2022-02-10", "ttd": "2022-02-10", "pub": "2022-02-10", "adx": "2022-02-10", "halo": "2022-02-10", "goo": "2022-02-10", "ado": "2022-02-10", "rub": "2022-02-10", "bees": "2022-02-10"}
.pubmatic.com/	1970-01-20 02:57:33	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 02:57:33	Name: KADUSERCOOKIE Value: 5B0ACAF5-A95D-4A46-8D7C-431487B45288
.adsrvr.org/	1970-01-20 09:33:33	Name: TDID Value: e405682e-65bf-45fd-8888-3a1d99697973
.adsrvr.org/	1970-01-20 09:33:33	Name: TDCPM Value: CAEYBSABKAIyCwiOqfTSmZy2OhAFOAE.
.demdex.net/	1970-01-20 05:07:09	Name: demdex Value: 27956972713803955722744899469468260978
.storyconsole.dallasobserver.com/	1970-01-20 09:26:21	Name: pelcro.unique.id Value: OGZ6Y2JwZTRxYTlremdubDNwcA==
.dpm.demdex.net/	1970-01-20 05:07:09	Name: dpm Value: 27956972713803955722744899469468260978
.doubleclick.net/	1970-01-20 10:09:33	Name: IDE Value: AHWqTUm5tyiD89pksGDUTQFiat-b19Bwaq__FWDWBuCZe3DCCcpbqFhSM_C7p-qpScU
.dallasobserver.com/	1970-01-20 18:19:09	Name: _ga Value: GA1.2.603120731.1644477738
.dallasobserver.com/	1970-01-20 00:49:24	Name: _gid Value: GA1.2.1907910590.1644477738
.ad.gt/	1970-01-20 18:19:09	Name: last_seeng_hosted Value: 1644477738507
.ad.gt/	1970-01-20 18:19:09	Name: g_hosted Value:
.ad.gt/	1970-01-20 18:19:09	Name: last_seenrub Value: 1644477738508
.ad.gt/	1970-01-20 18:19:09	Name: rub Value:
.ad.gt/	1970-01-20 18:19:09	Name: last_seenadnxs Value: 1644477738518
.ad.gt/	1970-01-20 18:19:09	Name: adnxs_id Value: 5287398827307668341
.ad.gt/	1970-01-20 18:19:09	Name: first_seenadnxs Value: 1644477738518
.ad.gt/	1970-01-20 18:19:09	Name: last_seentd Value: 1644477738519
.ad.gt/	1970-01-20 18:19:09	Name: tdid Value: e405682e-65bf-45fd-8888-3a1d99697973
.ad.gt/	1970-01-20 18:19:09	Name: first_seentd Value: 1644477738519
.bidr.io/	1970-01-20 10:16:27	Name: bito Value: AAC9gU7ECXoAAHjk9Y_Hew
.bidr.io/	1970-01-20 10:16:27	Name: bitoIsSecure Value: ok
.ad.gt/	1970-01-20 18:19:09	Name: last_seenadx Value: 1644477738519
.ad.gt/	1970-01-20 18:19:09	Name: google_gid Value: CAESEIhVcCnROuPsDovbuOMXPNA
.ad.gt/	1970-01-20 18:19:09	Name: first_seenadx Value: 1644477738519
.ad.gt/	1970-01-20 18:19:09	Name: last_seenpbm Value: 1644477738522
.ad.gt/	1970-01-20 18:19:09	Name: pbm Value: 5B0ACAF5-A95D-4A46-8D7C-431487B45288
.ad.gt/	1970-01-20 18:19:09	Name: first_seenpbm Value: 1644477738522
.ad.gt/	1970-01-20 18:19:09	Name: last_seenadb Value: 1644477738527
.ad.gt/	1970-01-20 18:19:09	Name: adb Value: 27956972713803955722744899469468260978
.ad.gt/	1970-01-20 18:19:09	Name: last_seenhaloid Value: 1644477738674
.ad.gt/	1970-01-20 18:19:09	Name: halo_id Value: 0200j2q9gt07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 18:19:09	Name: first_seenhaloid Value: 1644477738674
.dallasobserver.com/	1970-01-20 10:09:33	Name: __gads Value: ID=b762014939f0cd04:T=1644477738:S=ALNI_MYlZX82HkcI-MuCGhir1yI6KfdCRw
.ad.gt/	1970-01-20 18:19:09	Name: last_seenbeeswax Value: 1644477738807
.ad.gt/	1970-01-20 18:19:09	Name: beeswax_id Value: AAC9gU7ECXoAAHjk9Y_Hew
.adnxs.com/	1970-01-20 02:57:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jgP0TZ!]tbPl1M>e)ZlrFUfJ+tGXxp2?oS(oYTHOVMdNLfXvE+nG8Ch=Q<<GeT>!Q-3If)y3KL9D3I?+G/WmS)
.casalemedia.com/	1970-01-20 02:57:33	Name: CMPS Value: 3271
.casalemedia.com/	1970-01-20 09:33:33	Name: CMID Value: YgS9K0KtUv5.lodl3shMvAAA
.casalemedia.com/	1970-01-20 02:57:33	Name: CMPRO Value: 1208
.casalemedia.com/	1970-01-20 00:49:24	Name: CMST Value: YgS9K2IEvSsA
.casalemedia.com/	1970-01-20 09:33:33	Name: CMRUM3 Value: 2d6204bd2b2760CAESEPRq8IzSKA3Y0l1dtWPVmKU
.turn.com/	1970-01-20 05:07:09	Name: uid Value: 8705635860485212067
.yahoo.com/	1970-01-20 09:33:55	Name: A3 Value: d=AQABBCu9BGICELUmWxqPeBx1ZzRG1AvBfl8FEgEBAQEOBmIOYgAAAAAA_eMAAA&S=AQAAAmg9AiCWCfTkIElULFknW-Y
.everesttech.net/	1970-01-20 09:33:33	Name: everest_g_v2 Value: g_surferid~YgS9KwAFHxwaSQBH
m.stripe.com/	1970-01-20 18:19:09	Name: m Value: 61ad5cb2-ff3b-4d63-bd70-48018e7a024653ed4c
.storyconsole.dallasobserver.com/	1970-01-20 09:33:33	Name: __stripe_mid Value: 7ee9a62b-533a-4eb2-8be8-476351ddd9d2d863e8
.storyconsole.dallasobserver.com/	1970-01-20 00:47:59	Name: __stripe_sid Value: e3f60ecf-56e1-4863-8951-4b11ae7dfd95859e25

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgS9K0KtUv5-lodl3shMvAAABLgAAAAB&google_cver=1&google_push=AYg5qPJFnWzyFKtwK-Dm74dH9A4mzCdkiv9fz2jW81A3SsokhLg5N68NRFTd_Pyjj5hgtesd7FlMO5W96mtUp3uVuB6c_c93K1TIlA&google_gid=CAESEL0bmdkg0V9Bfn3bcTmqq_s Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e6843bad7dbde196b296448bcf2b1c3.safeframe.googlesyndication.com
a.ad.gt
accounts.google.com
acdn.adnxs.com
ad.turn.com
adservice.google.com
adservice.google.de
api.pushnami.com
apis.google.com
aufp.io
cd.connatix.com
cdn.adnxs.com
cdn.jsdelivr.net
cds.connatix.com
cm.g.doubleclick.net
connect.facebook.net
crcdn01.adnxs-simple.com
dclk-match.dotomi.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.pelcro.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
media1.dallasobserver.com
media2.dallasobserver.com
p.ad.gt
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
pixel.rubiconproject.com
pixels.ad.gt
platform.twitter.com
pr-bh.ybp.yahoo.com
psp.pushnami.com
q.stripe.com
r.turn.com
rules.quantcount.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
seg.ad.gt
sessions.bugsnag.com
ssl.gstatic.com
static.chartbeat.com
stats.g.doubleclick.net
storyconsole.dallasobserver.com
sync-tm.everesttech.net
syndication.twitter.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.pelcro.com
cm.g.doubleclick.net
104.102.29.65
104.244.42.72
108.157.4.57
142.250.184.194
142.250.185.194
142.250.186.98
143.204.98.36
151.101.1.108
151.101.129.108
151.101.194.137
151.101.64.176
151.101.66.49
18.66.96.113
185.64.190.78
185.64.190.80
2.21.141.148
2001:678:cb4:bbbb::11
2600:1901:0:7a0b::
2600:9000:223c:c000:c:b42a:3740:93a1
2600:9000:225f:e800:6:44e3:f8c0:93a1
2600:9000:2315:fc00:18:1fcd:34f:cdc1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:858
2606:4700:20::ac43:45d9
2606:4700::6810:5714
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:800::2002
2a00:1450:4001:803::200d
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9b
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3601:c37d:a00d:6a82:4432
35.166.104.223
35.244.159.8
37.252.172.249
37.252.172.45
37.252.173.22
44.230.193.23
44.233.217.175
44.237.47.166
44.240.108.244
52.21.62.223
52.223.40.198
52.25.233.186
52.41.136.243
54.164.46.147
54.186.23.98
54.77.200.211
54.77.5.134
69.173.144.138
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b903b204822feb2a1fb089cdd850655ff0b1cca4aece20235ed604eef1ae7b4
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0de66b152a24d88e16d3fab18c4ecf49f746adfd8b9fd34481642d4e6933c272
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689
131911bf220ea99b0c5cb656841224dba94da7314169f3069ccac0815bc9e0df
142f73d801ac2d43bd40e1fe11e3edef43345b3682a17d77d2a7280bd8a895e4
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
14d6fa0add72b520785550d10a22373d383420fded6809a4b1f6f584d094c430
17983e7741142e289b0b4810f22917e615cc409dc84e40127d599fb6ec748f8b
1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5
1f454efaa3f2f9a58423ed1624f280a5f153f6bd43127e6919c32fdfefe121bc
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
1fc3c521d7f8cb202adc5b4d3dd8e60dc2a5f04d11fd3870b44e78608994f36a
21c6b0751b28f6d4dd0e715fdc84f6aa41aa37c7ab8b87287e976617d1ecbd51
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2ff5e5bd21eddd1f8403fc955ba727d579c19abb85e861f91114475602da592e
31db2bd9311df9bbfaa9b19d4258f77f5279b2e39749d834c869fb62c917803b
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3402db0f440dcb6710a255c7029208cdec7e26ef06ece32ebcdda519314e3d2b
380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb
398dc6dbd96011b1221e4ae2d74302edf250d806c06bc696701a2dcb63d331ba
39b7a6b1ed398e524b117941837aaecd9a119334758e503b9a45e52fbd879853
3d2ec1d990e7d6960d1af17e80926efcfea6af96338090068528678e119f6c13
3f8d7d69ae71a4596a9b4256eed174158ad478d2a5f12b338a0cfeebb114c27b
406dae81a8e95037a3bca53ca771f446df097cf86084d76de62fd308e2bf32a5
443873dd87441f66d0d005f8e6b2182408fc28fc1c2e049551e062c6ced848dc
486a8a854ed85ffaf8b2faa031ea76d74be6bd01936ec624a453c18aa111c691
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a43d6f88d59265884eff12131c0511ef5323da902abd3e325cfd10d3acb0de
48e66e73048706fa4d36d4b10033b268c63408c0304395f11ef661a278c403bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e
53adbf926eb057bbc47dd38768774f6d1f6d7d5d90b98ada743b2ab038e367d5
5514e154a0779b75c1037f4735d4536a6fdbf7594464157ccf692739cd803cf5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c
5d92dc4ef46f39dae0b2908c18f8f0623acfd88bc861da9378e7d2393f092228
5dcfd1e1e1c0ea1b8934668a83bdc82dcb7adefb029bca3b435dd1d27a442c90
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d219e5c38d48c3f110b2cc06367a2f8a695d2232131949a64eee8f37739001
693d7208dff9c33a6f3d7a4ea8ec4cf9aed02a151c4bc42d28e2bad64047072d
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
7661998b523fb9dbcc25f96240b579c061efd2d592b15cd40a31d6276d7c7de0
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
7c52965e97e25fc384a2d740f9b558186a6da55dafa480fdae5f29225b9721dc
7d442d7575fcce245d4d2af6608ffa60dffb51811abbc4de16dc2591500b7bbc
84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8ba70bd763f06d02da1fc194a21a1ce9a49fcf4d224f5a4e8fc8a7003425dc4a
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
98f8a52abdf090489ec0a9498adced573a16490c4bb0097e28eff4e53f322cc4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd7c996a75e5ab2b34f1dd5b6b4f99ec4efec335fe25e24960c93834cfc1515
9cfd33c901ea82fe2dcea630488f62cf84f7ba8a4b32381a28fa582a2e198e9c
9e04695ad31a24a93957880684618c5194773e6d527b50cc365ad03b6e6c593c
9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c
9fb64345d71f4c06846abe03f864274565b24fea10d791e4d20ba60b0963076d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5de6beb44d59334c85abeccb40e2e4b253667e2b0c84eb229a290c84560fd28
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73eb3a275137c862b8aede37f767fb8878199c38388c804d40811205fb3b396
a744bb69606a20cd1e063e1ae742dbdaee1bf9e62805ce097388e974179443a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
af78c17fc966f18f2b599bfe0cb0b80fb0885ab03905b0f98713e4b4e9038445
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b08d9f5121954e70d706ddc1075d84b95590d475c510fba27ee86eb4c9eb02b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b332ac60714bc69c5f411267b8cd63190e8a82b17b552d7c85aa9d796edba2af
c0a5d48aaae94435dfb363352d10c67c8e00ab8bba67686eba5198e31415b890
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cb9150d3c9aeea9ed3eb421e98a315655bcbac53ffa236e539fb37c1d64ec5bf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d46ef68f36fc59867ed5729312644d55fa1171b81b7c56d60b02f7bafaaf0f57
df14864854909d86782fc3334090a8b53281c0ea098c1ac5a6a3611a505eb20c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bdfde439c11a1379bb7286e4c0a074c74e80d441f05b183f17036a598a94dd
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e473c5a0ab2d00ffbdeb98695814298342e62af559b10d7aebce684dee1cf24a
e4852b74180a3b7326e14ba19ea389cd85d237ab3f4a0f21cf904f60a9026319
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e72079aa5e5d5c0b144743d47140f0d6d842acfc41cc99b143972bc35109696b
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8fc85293845d4d357c1af9188cd14fb3b33c7b7d1917fb6bbc61a999e55d84f
ecf660aac77b23f14200202326b9bdf3106a169c7ab3e5a0fa25bc21c0e1db41
ed322afa968bb3664894ebff53ea23bbef0526851c6730440513fe5f9ec9d9d9
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ede16112d9db7fbbcf7e5bdd78c76dd4dc2dbbe2669c228f9ce74f7c9c3f41be
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
f4e87dbef76aeb895e03dc869941f350590358f687a655886f20ebc58fae40a2

storyconsole.dallasobserver.com Open in urlscan Pro 2606:4700:20::ac43:45d9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

88 %HTTPS

47 %IPv6

39 Domains

72 Subdomains

58 IPs

7 Countries

4742 kBTransfer

14775 kBSize

64 Cookies

68 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

storyconsole.dallasobserver.com Open in urlscan Pro
2606:4700:20::ac43:45d9 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

88 %
HTTPS

47 %
IPv6

39
Domains

72
Subdomains

58
IPs

7
Countries

4742 kB
Transfer

14775 kB
Size

64
Cookies

163 HTTP transactions
4 data transactions