Submitted URL: http://click1.mail.wnd.com/izdmytftpgnwpqprwbdkgwzfpcwbzqbdzvpgdhbyhgygcm_qwmmwmnvsgtmffnddswpd.html?a=04326a45ce34b62a6acf...
Effective URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-n...
Submission Tags: falconsandbox
Submission: On October 03 via api from US — Scanned from DE

Summary

This website contacted 84 IPs in 9 countries across 57 domains to perform 271 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wnd.com. The Cisco Umbrella rank of the primary domain is 233890.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time www.wnd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.214.203.11 14618 (AMAZON-AES)
1 15 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:223... 16509 (AMAZON-02)
1 63.141.128.3 399566 (BIGCOMMERCE)
1 34.227.129.115 14618 (AMAZON-AES)
1 198.148.27.140 19189 (PULSEPOINT)
2 34.95.69.49 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 184.51.9.34 16625 (AKAMAI-AS)
1 108.138.17.48 16509 (AMAZON-02)
6 2600:1901:0:b... 15169 (GOOGLE)
2 2600:9000:249... 16509 (AMAZON-02)
3 108.138.4.10 16509 (AMAZON-02)
2 13.32.121.17 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
9 151.139.128.11 20446 (STACKPATH...)
18 2606:4700:1::... 13335 (CLOUDFLAR...)
3 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
1 108.138.7.53 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
1 13.32.99.46 16509 (AMAZON-02)
1 35.82.251.53 16509 (AMAZON-02)
5 54.147.124.45 14618 (AMAZON-AES)
9 54.211.179.172 14618 (AMAZON-AES)
1 2600:9000:230... 16509 (AMAZON-02)
1 18.66.147.89 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.0.100.196 14618 (AMAZON-AES)
4 2a00:1450:402... 15169 (GOOGLE)
1 52.84.106.121 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.66.112.48 16509 (AMAZON-02)
1 143.204.89.74 16509 (AMAZON-02)
2 13.32.121.59 16509 (AMAZON-02)
2 108.138.4.150 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 6 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 193.122.128.135 31898 (ORACLE-BM...)
2 2602:803:c003... 26667 (RUBICONPR...)
2 147.75.85.234 54825 (PACKET)
3 35.244.159.8 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 213.19.147.43 3356 (LEVEL3)
1 69.166.1.9 27630 (AS-XFERNET)
4 54.72.178.118 16509 (AMAZON-02)
2 52.212.196.113 16509 (AMAZON-02)
8 212.124.124.69 47328 (TRI-AS Tr...)
1 54.203.226.224 16509 (AMAZON-02)
14 99.81.25.188 16509 (AMAZON-02)
8 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
3 34.149.139.129 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
3 141.95.98.64 16276 (OVH)
1 34.251.218.252 16509 (AMAZON-02)
6 52.223.40.198 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
2 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2600:9000:225... 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 4 104.18.19.126 13335 (CLOUDFLAR...)
4 23.205.235.133 16625 (AKAMAI-AS)
2 2 162.210.196.208 30633 (LEASEWEB-...)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2606:2800:233... 15133 (EDGECAST)
2 2 188.42.191.196 7979 (SERVERS-COM)
2 2 213.19.147.44 3356 (LEVEL3)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.96.145.246 16625 (AKAMAI-AS)
3 5 52.46.155.104 16509 (AMAZON-02)
5 7 172.217.19.98 15169 (GOOGLE)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.89.210.244 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 8.43.72.98 26667 (RUBICONPR...)
6 8 69.173.144.139 26667 (RUBICONPR...)
2 3 52.95.118.179 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 75.2.13.80 16509 (AMAZON-02)
271 84
Apex Domain
Subdomains
Transfer
26 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 6325
c.mgid.com — Cisco Umbrella Rank: 4699
cdn.mgid.com — Cisco Umbrella Rank: 8580
servicer.mgid.com — Cisco Umbrella Rank: 6393
s-img.mgid.com — Cisco Umbrella Rank: 4416
cm.mgid.com — Cisco Umbrella Rank: 2289
374 KB
25 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8718
trends.revcontent.com — Cisco Umbrella Rank: 2768 Failed
yeet.revcontent.com — Cisco Umbrella Rank: 10635
img.revcontent.com — Cisco Umbrella Rank: 12603
cdn.revcontent.com — Cisco Umbrella Rank: 9847
images.revcontent.com — Cisco Umbrella Rank: 9506
101 KB
19 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 34955
geoip.instiengage.com — Cisco Umbrella Rank: 38555
auth.instiengage.com — Cisco Umbrella Rank: 27866
comment.instiengage.com — Cisco Umbrella Rank: 89385
static.instiengage.com — Cisco Umbrella Rank: 43692
event.instiengage.com — Cisco Umbrella Rank: 45857
618 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 701
eus.rubiconproject.com — Cisco Umbrella Rank: 861
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1345
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1264
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
token.rubiconproject.com — Cisco Umbrella Rank: 1067
27 KB
16 wnd.com
click1.mail.wnd.com
www.wnd.com — Cisco Umbrella Rank: 233890
364 KB
14 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
208 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 391
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 750
s.amazon-adsystem.com — Cisco Umbrella Rank: 427
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1300
54 KB
11 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 36867
event.insticator.com — Cisco Umbrella Rank: 28437
dashboard.insticator.com — Cisco Umbrella Rank: 88188 Failed
60 KB
9 aj2495.online
cdn77.aj2495.online — Cisco Umbrella Rank: 100799
aj2495.online — Cisco Umbrella Rank: 90166
20 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908
dsum.casalemedia.com — Cisco Umbrella Rank: 2347
7 KB
8 cloudfront.net
d1zxg9iar5y3ur.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
d2s3kjdp77ms5k.cloudfront.net
171 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4952
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5922
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 7146
signal-segments.s-onetag.com — Cisco Umbrella Rank: 10179
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 4601
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 5468
17 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 728
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 718
image6.pubmatic.com — Cisco Umbrella Rank: 915
134 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
98 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 463
2 KB
6 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 11904
3 KB
6 calmcactus.com
calmcactus.com — Cisco Umbrella Rank: 88602
150 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1477
id5-sync.com — Cisco Umbrella Rank: 642
34 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 486
mug.criteo.com — Cisco Umbrella Rank: 1859
1 KB
4 decide.dev
cdn2.decide.dev — Cisco Umbrella Rank: 51284
decide.dev — Cisco Umbrella Rank: 32303
8 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2120
3 KB
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2524
sync.1rx.io — Cisco Umbrella Rank: 796
1 KB
4 userway.org
cdn.userway.org — Cisco Umbrella Rank: 9422
api.userway.org — Cisco Umbrella Rank: 9285
38 KB
3 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 32458
u.openx.net — Cisco Umbrella Rank: 960
568 B
3 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 31505
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 4349
8 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 14523
56 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 707
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
3 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2616
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 735
1 KB
2 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 4213
807 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1451
212 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 4219
82 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1449
pixel.quantserve.com — Cisco Umbrella Rank: 683
11 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2288
api.rlcdn.com — Cisco Umbrella Rank: 1094
38 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
89 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
2 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 9692
certify.alexametrics.com — Cisco Umbrella Rank: 5313
5 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2180
15 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 850
945 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 3236
350 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1351
131 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1227
759 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2077
334 B
1 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 11799
526 KB
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2674
752 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1356
550 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 828
466 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1200
692 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2308
595 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
54 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 832
397 B
1 soapps.net
soapps.net — Cisco Umbrella Rank: 69551
9 KB
1 bigcommerce.com
cdn11.bigcommerce.com — Cisco Umbrella Rank: 14428
115 KB
0 33across.com Failed
ssc.33across.com Failed
271 57
Domain Requested by
15 www.wnd.com 1 redirects www.wnd.com
14 yeet.revcontent.com d1zxg9iar5y3ur.cloudfront.net
8 dashboard.insticator.com d1zxg9iar5y3ur.cloudfront.net
dashboard.insticator.com
8 s-img.mgid.com www.wnd.com
8 aj2495.online cdn77.aj2495.online
7 cm.g.doubleclick.net 5 redirects
7 static.instiengage.com comment.instiengage.com
7 www.google-analytics.com d1zxg9iar5y3ur.cloudfront.net
www.wnd.com
dashboard.insticator.com
6 match.adsrvr.org ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
d1zxg9iar5y3ur.cloudfront.net
ssum-sec.casalemedia.com
6 cdn.mgid.com www.wnd.com
d1zxg9iar5y3ur.cloudfront.net
6 ex.ingage.tech 1 redirects df80k0z3fi8zg.cloudfront.net
d1zxg9iar5y3ur.cloudfront.net
ssum-sec.casalemedia.com
6 jsc.mgid.com d1zxg9iar5y3ur.cloudfront.net
6 calmcactus.com d1zxg9iar5y3ur.cloudfront.net
calmcactus.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
4 event.instiengage.com comment.instiengage.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 eus.rubiconproject.com d1zxg9iar5y3ur.cloudfront.net
ex.ingage.tech
eus.rubiconproject.com
4 comment.instiengage.com 2 redirects d1zxg9iar5y3ur.cloudfront.net
4 d2s3kjdp77ms5k.cloudfront.net
4 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
4 stats.g.doubleclick.net www.google-analytics.com
decide.dev
4 assets.revcontent.com d1zxg9iar5y3ur.cloudfront.net
4 ads.pubmatic.com d1zxg9iar5y3ur.cloudfront.net
3 images.revcontent.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 ssum-sec.casalemedia.com 1 redirects d1zxg9iar5y3ur.cloudfront.net
ssum-sec.casalemedia.com
3 securepubads.g.doubleclick.net d1zxg9iar5y3ur.cloudfront.net
securepubads.g.doubleclick.net
3 id5-sync.com ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
3 decide.dev d1zxg9iar5y3ur.cloudfront.net
3 servicer.mgid.com d1zxg9iar5y3ur.cloudfront.net
3 cdn.userway.org d1zxg9iar5y3ur.cloudfront.net
cdn.userway.org
3 c.amazon-adsystem.com d1zxg9iar5y3ur.cloudfront.net
c.amazon-adsystem.com
3 cdn.izooto.com www.wnd.com
d1zxg9iar5y3ur.cloudfront.net
2 secure.adnxs.com 2 redirects
2 fonts.googleapis.com comment.instiengage.com
2 sync.1rx.io 2 redirects
2 ads.betweendigital.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 sync.aralego.com 2 redirects
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 cdn.id5-sync.com d1zxg9iar5y3ur.cloudfront.net
2 cm.mgid.com d1zxg9iar5y3ur.cloudfront.net
www.wnd.com
2 trends.revcontent.com d1zxg9iar5y3ur.cloudfront.net
2 tag.1rx.io df80k0z3fi8zg.cloudfront.net
2 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
2 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
2 prebid.a-mo.net df80k0z3fi8zg.cloudfront.net
2 fastlane.rubiconproject.com df80k0z3fi8zg.cloudfront.net
2 insticator.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 signal-segments.s-onetag.com d1zxg9iar5y3ur.cloudfront.net
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 cdn.confiant-integrations.net d1zxg9iar5y3ur.cloudfront.net
2 auth.instiengage.com d1zxg9iar5y3ur.cloudfront.net
auth.instiengage.com
2 connect.facebook.net d1zxg9iar5y3ur.cloudfront.net
2 sb.scorecardresearch.com d1zxg9iar5y3ur.cloudfront.net
www.wnd.com
2 d3lcz8vpax4lo2.cloudfront.net d1zxg9iar5y3ur.cloudfront.net
2 i.clean.gg d1zxg9iar5y3ur.cloudfront.net
1 cdn.revcontent.com
1 img.revcontent.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 px.ads.linkedin.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 csync.loopme.me ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 image6.pubmatic.com ads.pubmatic.com
1 ad-cdn.technoratimedia.com d1zxg9iar5y3ur.cloudfront.net
1 u.openx.net d1zxg9iar5y3ur.cloudfront.net
1 api.rlcdn.com df80k0z3fi8zg.cloudfront.net
1 id.crwdcntrl.net ads.pubmatic.com
1 cdn2.decide.dev d1zxg9iar5y3ur.cloudfront.net
1 cl.imghosts.com www.wnd.com
1 c.mgid.com d1zxg9iar5y3ur.cloudfront.net
1 api.userway.org cdn.userway.org
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 pixel.quantserve.com www.wnd.com
1 pxl.qccerttest.com www.wnd.com
1 signal-beacon.s-onetag.com d1zxg9iar5y3ur.cloudfront.net
1 onetag-geo.s-onetag.com d1zxg9iar5y3ur.cloudfront.net
1 static.adsafeprotected.com d1zxg9iar5y3ur.cloudfront.net
1 rules.quantcount.com d1zxg9iar5y3ur.cloudfront.net
1 geo.privacymanager.io d1zxg9iar5y3ur.cloudfront.net
1 get.s-onetag.com d1zxg9iar5y3ur.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d1zxg9iar5y3ur.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.wnd.com
1 certify.alexametrics.com www.wnd.com
1 secure.quantserve.com d1zxg9iar5y3ur.cloudfront.net
1 ats.rlcdn.com d1zxg9iar5y3ur.cloudfront.net
1 cdn77.aj2495.online d1zxg9iar5y3ur.cloudfront.net
1 certify-js.alexametrics.com d1zxg9iar5y3ur.cloudfront.net
1 www.googletagmanager.com d1zxg9iar5y3ur.cloudfront.net
1 bh.contextweb.com www.wnd.com
1 soapps.net www.wnd.com
1 cdn11.bigcommerce.com www.wnd.com
1 product.instiengage.com www.wnd.com
1 d1zxg9iar5y3ur.cloudfront.net www.wnd.com
1 click1.mail.wnd.com 1 redirects
0 ssc.33across.com Failed df80k0z3fi8zg.cloudfront.net
271 108
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-11 -
2023-05-11
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA
2022-05-24 -
2023-05-24
a year crt.sh
*.bigcommerce.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-16 -
2023-03-07
a year crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA
2022-01-13 -
2023-01-22
a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-07 -
2023-05-08
a year crt.sh
i.clean.gg
GTS CA 1D4
2022-08-07 -
2022-11-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
certify-js.alexametrics.com
Amazon
2022-05-30 -
2023-06-27
a year crt.sh
calmcactus.com
R3
2022-08-27 -
2022-11-25
3 months crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-12 -
2022-10-10
3 months crt.sh
1840143026.rsc.cdn77.org
R3
2022-07-26 -
2022-10-24
3 months crt.sh
assets.revcontent.com
R3
2022-09-14 -
2022-12-13
3 months crt.sh
1667503734.rsc.cdn77.org
R3
2022-08-15 -
2022-11-13
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
certify.alexametrics.com
Amazon
2022-05-30 -
2023-06-28
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2022-09-13 -
2023-10-12
a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA
2022-07-27 -
2023-08-26
a year crt.sh
*.s-onetag.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
*.confiant-integrations.net
E1
2022-09-26 -
2022-12-25
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
qccerttest.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA
2022-07-13 -
2023-08-11
a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-15 -
2023-09-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.a-mo.net
R3
2022-09-05 -
2022-12-04
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
revcontent.com
Amazon
2022-07-25 -
2023-08-23
a year crt.sh
aj2495.online
R3
2022-09-15 -
2022-12-14
3 months crt.sh
api.userway.org
Amazon
2022-10-02 -
2023-10-31
a year crt.sh
*.decide.dev
Amazon
2022-01-24 -
2023-02-22
a year crt.sh
decide.dev
GTS CA 1D4
2022-09-10 -
2022-12-09
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-27 -
2022-11-22
3 months crt.sh
*.id5-sync.com
R3
2022-08-18 -
2022-11-16
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
img.revcontent.com
R3
2022-09-14 -
2022-12-13
3 months crt.sh
cdn.revcontent.com
R3
2022-09-10 -
2022-12-09
3 months crt.sh
images.revcontent.com
R3
2022-09-07 -
2022-12-06
3 months crt.sh

This page contains 26 frames:

Primary Page: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Frame ID: 270B88190AB903394C98A736C09A3BC7
Requests: 183 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: F7A026EC7A72EBE441481D2624800633
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 1F2C9D5802BBE3B3A1538428CFB84437
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1664784429839397537077&consentData=&gdprApplies=1
Frame ID: E441B5F664AD8DC917C57985E4B978B5
Requests: 1 HTTP requests in this frame

Frame: https://decide.dev/lad/15366210459998054?pubid=ld-5929-8744&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=1145&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Frame ID: 1B8C123EB2364161B3D9DBA8C2ACE12A
Requests: 2 HTTP requests in this frame

Frame: https://decide.dev/lad/12119975259523686?pubid=ld-4520-5072&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=836&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Frame ID: 3EC888730D2D3552A82075B5C6CBA428
Requests: 2 HTTP requests in this frame

Frame: https://decide.dev/lad/14487621883606118?pubid=ld-4593-8411&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=836&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Frame ID: 36E37288297629350E4105097E1E63FB
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: BF4E495F1E647318983134451783FE15
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: 3596B87C2293991576AFC890A56F5734
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: FE3072A6E12E52B02DAFB7DFB2DE2A8C
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: C3C831C771194EDE726EBB8329658914
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: AA7E1A6323E222183B455D953C7DACF8
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: 6F00A849BC3F3F2992D253CD017B1DDE
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: D92B8907C896B03FA8DEF99837AC0B71
Requests: 2 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Frame ID: 4B6735F033D2E3D5193486B447B2A274
Requests: 3 HTTP requests in this frame

Frame: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Frame ID: 6B2BFB2B9034CFC816A7CEDA1A4BF225
Requests: 22 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Frame ID: 3DCDCDFFBD4BAD30000AD39426A687AE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DACE94927BCC200658FE663BA00540A6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: B62F9A6116000D35BC107BACC027D6BE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: 18E85970AB1718C9CE80C231E34030A7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3DPM_UID
Frame ID: E6B8A8F09F8F2A6E992E065941BC2B24
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E67510F5F901685F88C9F3A9806E5829
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 611D6F611A2AB743B383AF74F62198BC
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.29.0
Frame ID: 5EC43AB776452F118FBE0309854AF9AD
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/betweenx/de345507-9a43-4474-9310-307efa4f46e2?uid=b368fe16-8a29-5214-9476-f632f74c6e01
Frame ID: 4399DBB81ED7ABEC93D20235A087905D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=959552875
Frame ID: 57C98B2E2A5F44BF84B35AB2AA61347A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Court orders 2 judges who took millions in kickbacks to pay out big

Page URL History Show full URLs

  1. http://click1.mail.wnd.com/izdmytftpgnwpqprwbdkgwzfpcwbzqbdzvpgdhbyhgygcm_qwmmwmnvsgtmffnddswpd.html?a=... HTTP 302
    https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Em... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.bigcommerce\.com/

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

271
Requests

84 %
HTTPS

39 %
IPv6

57
Domains

108
Subdomains

84
IPs

9
Countries

3527 kB
Transfer

9770 kB
Size

75
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click1.mail.wnd.com/izdmytftpgnwpqprwbdkgwzfpcwbzqbdzvpgdhbyhgygcm_qwmmwmnvsgtmffnddswpd.html?a=04326a45ce34b62a6acffaedcedc065f HTTP 302
    https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.wnd.com/files/2011/10/runruh.jpg HTTP 301
  • https://www.wnd.com/wp-content/uploads/2011/10/runruh.jpg
Request Chain 157
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wnd.com%2F&domain=www.wnd.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=F18Hh3xQWTNweFdhZmdkM3hPWjJvNGdOQnpCSnU1SFFCRnJLM1BVbklQTVJWaHNwMFNqWUdDQUxjcHRMdjNYSURTS2JORnRoQTY3T1pSQmlYZ2lIUFIzRGJpS3hXL3NWN1doOXcyYmw1S29DK1hLaTlxcGM1ZWZxbm03VlQxb1kvRXN5MVg2VGNpNFQrSkpZdDhkWXhJVmFPeStQbEtXY2VHa2Y0NkloaTNVNDBlTXV2b1VCYW1pd0g2eEphcDlwTGh2ajR1TEpJMTFuZ1h1WHJocG1UVnFUTitEZXZKV1VLSGovZGFYemdaemlPMk9nPXw&cppv=2
Request Chain 189
  • https://comment.instiengage.com/live/loader/loader.js HTTP 301
  • https://static.instiengage.com/app-loader/static/loader.js
Request Chain 198
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Request Chain 204
  • https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3DUCFUID HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6473ca0d-500a-35da-91cc-47b20b919779?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-KBvR3VFE2oWxedUZz9IJmM7uNVhxk9RviYpQZH0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 206
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://ex.ingage.tech/v1/sync/betweenx/de345507-9a43-4474-9310-307efa4f46e2?uid=b368fe16-8a29-5214-9476-f632f74c6e01
Request Chain 207
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=de345507-9a43-4474-9310-307efa4f46e2&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1664784435907 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=959552875
Request Chain 211
  • https://comment.instiengage.com/live/comments/static/app.js?v=0.0.76 HTTP 301
  • https://static.instiengage.com/app-comments/app.js?v=0.0.76
Request Chain 219
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 223
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&dcc=t
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEExd513pmAqipthZ6nbE7D8&google_cver=1
Request Chain 225
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzqYMyCrn790lfkiaSlA8AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJbhxlA_J5Bgk9fKRHvSJcA&google_cver=1
Request Chain 227
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419371645675
Request Chain 228
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6281404486374392508
Request Chain 230
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8c84bc6b-0ae6-823a-9a75d38a
Request Chain 244
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1ou03jOxRHeGjEyggcXWSg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1ou03jOxRHeGjEyggcXWSg
Request Chain 245
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gfk4_8_nTBCEjCvSgtcNkQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Gfk4_8_nTBCEjCvSgtcNkQ
Request Chain 246
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhTSE5ZWjgtMVMtN0ZOOQ==
Request Chain 247
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWJmODQ3ODg5YzdkNTMyNmYwMmE5MDJkYzZmZTQyNDNhNTkzMw
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECrHcFIypObWDDo-F_f9Eoc&google_cver=1
Request Chain 249
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LK8kzNvadWKgzZagLHNQp8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5269230929065095330
Request Chain 250
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8SHNYZ8-1S-7FN9

271 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/
Redirect Chain
  • http://click1.mail.wnd.com/izdmytftpgnwpqprwbdkgwzfpcwbzqbdzvpgdhbyhgygcm_qwmmwmnvsgtmffnddswpd.html?a=04326a45ce34b62a6acffaedcedc065f
  • https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acf...
134 KB
27 KB
Document
General
Full URL
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be005c5a047b274ed69178b01601024cbb0334461e64d658a2825f65c91e7ccb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1200
cf-cache-status
MISS
cf-edge-cache
cache,platform=wordpress
cf-ray
75442eb53cd69091-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Oct 2022 08:07:08 GMT
last-modified
Mon, 03 Oct 2022 08:07:08 GMT
link
<https://www.wnd.com/wp-json/>; rel="https://api.w.org/" <https://www.wnd.com/wp-json/wp/v2/posts/5031823>; rel="alternate"; type="application/json" <https://www.wnd.com/?p=5031823>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iipbQD411ZwomE5C4k9lD1gJVWVQtc3USsMZnsG8sZdBIYek7ZXeZ777UK7fuV9w9bLHn%2FBEsNjR08XZ701Ts%2BGmNCwAijgcihWZ70LyuFnXznsbmbZoG1vnt4lCLp0%2BKWwHQrDWOAP5hA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html;charset=utf-8
Date
Mon, 03 Oct 2022 08:07:07 GMT
Keep-Alive
timeout=60
Location
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Server
Apache-Coyote/1.1
script.js
d1zxg9iar5y3ur.cloudfront.net/
121 KB
42 KB
Script
General
Full URL
https://d1zxg9iar5y3ur.cloudfront.net/script.js
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:cc00:16:55f6:40c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4facb61f7f55cce048388b98dc6efe7256687a5b44b08480e719fdf6d0b8e3d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
5djxXSAeSSo0YXfB8W52vRBqi_Z2yf41
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:06:24 GMT
last-modified
Fri, 30 Sep 2022 17:23:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
44
etag
W/"7e9280c711e9eb8b5c4072b4fcd4bc78"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
s99FfvSJfaw6GyGw_jO_eip0hU4zIzkrLujXB6HQCo-Fz7PmHjPHbg==
style.min.css
www.wnd.com/wp-includes/css/dist/block-library/
79 KB
11 KB
Stylesheet
General
Full URL
https://www.wnd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Aug 2021 16:05:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83
etag
W/"6111524c-13abe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6TMGHt3DaTn66g2wBPkRImMS2FO5Evhq2P1JyZKAk%2BWRuJ4LyFpln9RF9d7aLOPqxZ2jl6GCHfHArWSJkB3u5Hg6pVaWkQerEn3lfbMRQEcCiE6oRYosW0SpDlafqzAs%2BFZek2gAbomoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1200
cf-ray
75442eb7ca209091-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
polls-css.css
www.wnd.com/wp-content/plugins/wp-polls/
2 KB
788 B
Stylesheet
General
Full URL
https://www.wnd.com/wp-content/plugins/wp-polls/polls-css.css?ver=2.76.0
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83
cf-polished
origSize=2708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Aug 2022 16:32:55 GMT
server
cloudflare
etag
W/"6307a437-a94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omYtIEDgGHRuO2ZMEbsNCYyvgbbv8pQfnshbkEapvYNJLp8QLEiH4y4c9mw5uPbB%2B24G5hBru54%2BOlX%2B2o9GUiDM8f63DRYU3AguhdODaki8CpfZxgx4aMRIQDM9h5HnZDgGrNnj40k8tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1200
cf-ray
75442eb7ca229091-FRA
main.css
www.wnd.com/wp-content/plugins/wnd-functionality/assets/css/
72 KB
14 KB
Stylesheet
General
Full URL
https://www.wnd.com/wp-content/plugins/wnd-functionality/assets/css/main.css?ver=1658263650
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1490cb33030e642d11eaa1230e46935857ec093d5f9df98ed563810b2d3058e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83
cf-polished
origSize=74542
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 19 Jul 2022 20:47:30 GMT
server
cloudflare
etag
W/"62d71862-1232e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNcg1pBIBztWenCcQ7e1dK5UY4rE0yqxPvdJmBQ3fnaGWsG2Lz6x9fA5%2BhV3vXatqs3ydt6ArJzE9r4okUrNLJ3AxAhbZgxLqMx%2BrpuAw1jbFJggfST%2FY1icBDIZuPZIvPrgmwUPxi2a%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1200
cf-ray
75442eb7ca239091-FRA
1bd0a899fef4e32eebc730c2e0310c28e7c1aad4.js
cdn.izooto.com/scripts/
897 B
773 B
Script
General
Full URL
https://cdn.izooto.com/scripts/1bd0a899fef4e32eebc730c2e0310c28e7c1aad4.js
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bd6807cd733043c9c0d588f847993a9ec76057396dfbce898aa369c988cdf1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 26 Aug 2022 18:12:16 GMT
server
cloudflare
age
67851
etag
W/"63090d00-381"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
75442eb85dbc9b7a-FRA
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 08:07:08 GMT
888d9f08-6811-40ec-95fc-ac103c950648.js
product.instiengage.com/product-loader-code/
17 KB
5 KB
Script
General
Full URL
https://product.instiengage.com/product-loader-code/888d9f08-6811-40ec-95fc-ac103c950648.js
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ca00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
636c1c6390b6c901276d791f8b50884fcd42695e660f803aec59e1806f3ff8ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
TQDdt4ZCNMa4kgKxaUwM7krAd4TWSbgY
content-encoding
br
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:05:45 GMT
last-modified
Thu, 01 Sep 2022 15:12:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
244
etag
W/"53303fa3646a61fbb4ba6b820829dba3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600,public
x-amz-cf-id
Akw58KaAK-z8xFHEnT_Jo6gP962_hT6lp3CHSyJVhrvIeeL78jKgVw==
wnd.svg
www.wnd.com/wp-content/plugins/wnd-functionality/assets/images/
2 KB
2 KB
Image
General
Full URL
https://www.wnd.com/wp-content/plugins/wnd-functionality/assets/images/wnd.svg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f325a9124cb921e418693fb27a942ecc670b375a35732e30524819ab7a7cd78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Apr 2022 17:49:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
348
etag
W/"626c253d-858"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxTVAut5SRSA9C3Xk5fRc9BVCauNg8DiBLbfJbug5u%2Fv5Y46hzQRoROi8F%2FeNGzXKoydjvaXJCaHmZKEXtZTsQIxFGn%2B5M9MAvhNv%2F0Jen4ye83vcekzd9hz26S8UE0QqqVhTWmuuDTK6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1200
cf-ray
75442eb90b13bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wb-092022-COVER__60702.1663560725.jpg
cdn11.bigcommerce.com/s-df19ge4lyd/images/stencil/500x659/products/29238/6955/
115 KB
115 KB
Image
General
Full URL
https://cdn11.bigcommerce.com/s-df19ge4lyd/images/stencil/500x659/products/29238/6955/wb-092022-COVER__60702.1663560725.jpg?c=2
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.141.128.3 , United States, ASN399566 (BIGCOMMERCE, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b925efa0ae25fc273f2c7d20ddb32e2a7fff8ad9283faa9f896cb6d47aec600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-bc-is-ha
1
cf-cache-status
HIT
x-bc-origin-cache
MISS
age
1180508
cf-polished
origSize=124481, status=webp_bigger
content-disposition
inline; filename="wb-092022-COVER__60702.jpg"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117328
x-request-id
4726730afcd20ba17c80ee145f3a9a71
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Sep 2022 09:07:28 GMT
server
cloudflare
access-control-max-age
604800
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556926, public
accept-ranges
bytes
cf-ray
75442eb9ef549990-CDG
expires
Tue, 19 Sep 2023 14:56:13 GMT
email-decode.min.js
www.wnd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.wnd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 11:11:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633188f8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOdSbQQj0Sctu1kCp%2F4%2Fu7UR6i8FImYRE5Es8L%2F2sh2kWlDvsZ33V4znE%2BzBm1Egc%2Bq2VHbWzqCDom6al2YF1SiooDivRz7J9JHbozzKdrnrKs2bE16DDmLtR8hen3zNHWXoGLoz36wH8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75442eb8ba55bb7f-FRA
expires
Wed, 05 Oct 2022 08:07:08 GMT
runruh.jpg
www.wnd.com/wp-content/uploads/2011/10/
Redirect Chain
  • https://www.wnd.com/files/2011/10/runruh.jpg
  • https://www.wnd.com/wp-content/uploads/2011/10/runruh.jpg
5 KB
5 KB
Image
General
Full URL
https://www.wnd.com/wp-content/uploads/2011/10/runruh.jpg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17ba6a777a2d2935c88d758a515856909d2320b05ffc5edf736a4e500bf3607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Oct 2011 23:43:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
349
etag
"4ea5f836-1243"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjCZlFmG2VO6HURLdZd%2BDwrtrNEMM3hlIBahaEgXvWHjScCzBabu2841nPUufSefizKpdOVnvAxLkGJ4XFAmAPBeszz%2FGyebWrYeYB7tT%2Bw%2FVZYfgFsswLeUlYy3YXElpiu8NtUQInyyUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
75442eb96bffbb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4675

Redirect headers

date
Mon, 03 Oct 2022 08:07:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyBKhqXn%2FrAHlntUYmf68h1H%2BI2cm46lhHyU2z7PUmnjY9BxE7hey%2B2H3M%2BcxIXIVZeBabUxrDzxZJNAu0PlERcpzHC1eF5nQFLbzcO%2B5icHwa0ZGkmBP2tRRKs9XQon4L1Db9nbqjNr%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.wnd.com/wp-content/uploads/2011/10/runruh.jpg
cache-control
max-age=3600
cf-ray
75442eb90b16bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 03 Oct 2022 09:07:08 GMT
bundle.js
soapps.net/live/loader/
20 KB
9 KB
Script
General
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.129.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-129-115.compute-1.amazonaws.com
Software
/
Resource Hash
3988f57751937ac8f5ceb338d62672d4f6ae1b8dfdbb969c651adf3184ef830d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 08:07:09 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 23 Aug 2022 11:25:56 GMT
ETag
W/"6304b944-50f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=300
Connection
keep-alive
set.aspx
bh.contextweb.com/bh/
49 B
397 B
Image
General
Full URL
https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
global-min.js
www.wnd.com/wp-content/themes/firefly/assets/js/
125 KB
47 KB
Script
General
Full URL
https://www.wnd.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1635450462
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b5f357170c82bb72fcd88cab586c4421f11926528e2fa1e6d97977a1edcbed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Oct 2021 19:47:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
348
etag
W/"617afe5e-1f39b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfkLrhgprQidQKy3dPAe%2FBGKG%2FmYWthd0WlpkQAxjpjKYqVyGJQ7aymkaoNXyJV5pRXrFzxx0EPqwJkcpiWhy5KToJiVX9m3VOb9H%2Fft1hmKNnYmy7y7p1hqgsJJrrnZJD6YQNMHO%2Bcp2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200
cf-ray
75442eb90b1abb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
www.wnd.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.wnd.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Aug 2021 16:05:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
348
etag
W/"6111524c-592"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM7PQUUSCKJf8L7GXvC0aP2IQQ%2BnCjjNTWBfGuKEv41AV6c%2BnkO7kZJre5evGmmbPI6RiiSaPXoms8sDplbRQCk0gmZ49VvKCPmSgBED482iUCfEYh%2F9phZbSjOL%2FnsZlLDYq%2FG%2B7trokQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1200
cf-ray
75442eb90af1bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1a
i.clean.gg/
0
15 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 03 Oct 2022 08:07:09 GMT
server
nginx/1.21.6
via
1.1 google
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3071
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 09:15:57 GMT
gtm.js
www.googletagmanager.com/
181 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9eafcbc4603f719c93d1571c81273154efa5975fd565b936d498a23e02a1cd46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54435
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Oct 2022 08:07:09 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158410/3599/
198 KB
61 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4ae165aadeae075c21a401032220d66ffb9ea428016cbfc81fc84856ba5107e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 19:55:18 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=43336
accept-ranges
bytes
content-length
61991
expires
Mon, 03 Oct 2022 20:09:25 GMT
izooto.js
cdn.izooto.com/scripts/sdk/
219 KB
54 KB
Script
General
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b9044673e0dbf5d355014a286851375397aadccc29e53d3b2fec0aeb056399
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Sep 2022 13:47:29 GMT
server
cloudflare
age
1102718
etag
W/"6329c471-36d42"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
75442eb91f8c9b7a-FRA
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 08:07:08 GMT
atrk.js
certify-js.alexametrics.com/
4 KB
5 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Sat, 28 May 2022 01:59:52 GMT
Via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
11081237
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
vMScAy-GuODXYjZF028Sn_Cv9gRMSyvbCPJCO44NGXvQF2ONHWkOvQ==
v2bxlVYgfmBS0Q0hJWcJTDskRbVLCttqKoP9bvXwc_tFUDjZsRV50oiEJtqnYmDGl
calmcactus.com/
605 KB
103 KB
Script
General
Full URL
https://calmcactus.com/v2bxlVYgfmBS0Q0hJWcJTDskRbVLCttqKoP9bvXwc_tFUDjZsRV50oiEJtqnYmDGl
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:b14d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ea622dfe5fbda571fa79938fdf49371432560ed8274b1aa41650a8c76733d281
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 03 Oct 2022 08:07:09 GMT
x-datacenter
gce-europe-west1
etag
"11bd71396d7b6c084a74a8b0f9ab29663ea50fc915bc499f068d9eb0e94beffc"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-33r1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
888d9f08-6811-40ec-95fc-ac103c950648.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/
22 KB
7 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/888d9f08-6811-40ec-95fc-ac103c950648.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06fafd50b3964c2ce237edbfe429cc784247346d87abb10686002a8b26c3ff9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
MEMBJeEho6s9WAADd9wVcHfgSYsCfBMe
content-encoding
br
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 27 Sep 2022 22:32:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
44
etag
W/"631de875f31c16d1a4f68f289d42f4f2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
SLLU6WLfuDVEy3rHmjaToq3TemeZQ7FpLozHv7Fu-mKj3ENMV_zlCA==
apstag.js
c.amazon-adsystem.com/aax2/
167 KB
43 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:03:48 GMT
content-encoding
gzip
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
202
x-amz-server-side-encryption
AES256
etag
W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
-26s9396XQvLjRdA0CXYa5rvFETuEHtLJLS9UvwITsg2sP_X0w1y5w==
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 05:55:02 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
9561
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
vWAsm6gj6egEhrTMdAGd5AAuL90cSb5EXNLl5RCh2uQCyIAT60fkQg==
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bbf056522aaca03f446892c920a353bf4dfe24d8c697a052cd9ec255142327dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 08:07:09 GMT
content-md5
FJ5Wqwfy+wkCMf0xptIyWA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
YCJMjScE8gZ+XFRyFLFKahPyUaOvVk181txFXSnjwrqz0C3qJ9YGlQxtRA1ISkuUxPUbyrYn6gzq4NiKBUg0uA==
x-fb-trip-id
917726464
x-fb-content-md5
fedfe088c189fdbbb36882f39b9139d2
cross-origin-opener-policy
same-origin-allow-popups
etag
"f9cab57be4e37ac7afa1bafb2d6a688c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 08:12:47 GMT
1e02c7fa.js
cdn77.aj2495.online/
36 KB
13 KB
Script
General
Full URL
https://cdn77.aj2495.online/1e02c7fa.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
918ac16fbda4c28698371c4917a769777754bc8e450760c1efcca36ab5abe075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySIRB3xH7/QH0IAA
x-accel-expires
@1665264877
date
Mon, 03 Oct 2022 08:07:09 GMT
x-77-pop
frankfurtDE
content-encoding
br
server
CDN77-Turbo
etag
W/"074e62b6ee38cf3f3b2717a153edbe03b"
x-77-nzt-ray
MjH3p4K5/2k
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
x-age
556352
icomoon.woff
www.wnd.com/wp-content/themes/firefly/assets/fonts/
4 KB
4 KB
Font
General
Full URL
https://www.wnd.com/wp-content/themes/firefly/assets/fonts/icomoon.woff?fd99la
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/wp-content/plugins/wnd-functionality/assets/css/main.css?ver=1658263650
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4074d1b1ec5ed8b5c936fdb79727582093c45a66cecb49483022c22d8079c30a

Request headers

Referer
https://www.wnd.com/wp-content/plugins/wnd-functionality/assets/css/main.css?ver=1658263650
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Jul 2020 22:32:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
120
etag
W/"5f06497f-10e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BS0M%2BUQ5itibsAdVpnVVf%2BnmS01I%2FxLBSBE672sRYmmBqihpZzsdQHYYlsyDqxYVYXpEr%2FIbjB%2FhBFhw3%2BgxEcsde3YWccrJzc1CBmg%2B5R4XtBXbzWSQpS7%2FzHKPSmwHn6OBMJ27agYUEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=1200
cf-ray
75442eb91b26bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
140316briberyshadow.jpg
www.wnd.com/wp-content/uploads/2014/03/
202 KB
202 KB
Image
General
Full URL
https://www.wnd.com/wp-content/uploads/2014/03/140316briberyshadow.jpg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b6f10f5c9ba84e9702808ad936d014da5ba012b3c531bc48ce1c364110ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Mar 2014 18:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5325f3f2-32788"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgUzsA04aofK9BwjkqXwAsa74NnrhmS2gpxCfVMH%2BtxnqOY8s4o4m964H8%2FAHamu8AKGwTrjaNU216Ld0tTkajSbP5jtzMmW7x5gQr1TD%2FqaQlVwHD9keGmh8oaFi%2B0K7gkz62XRtr1Bzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
75442eb93b80bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
206728
delivery.js
assets.revcontent.com/master/
153 KB
49 KB
Script
General
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6409a3197cf3c4dbdea7fe09e73ef51b077d98df9351aa3bee222cdc3d7e7160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 14:13:26 GMT
server
AmazonS3
x-amz-request-id
85BQR5SDKJ46YNQ5
etag
"ccd38f0e7c3297bd0a5dbd38a27821be"
x-hw
1664784429.cds065.lo4.hn,1664784429.cds072.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
49673
x-amz-id-2
rA3IFytbXcKOiWkUkjQxQyWgelfT/W0BSdhMy1vCW8OeE1vO8Wd6Xv2DNaoi7Pcmw7dh3NQ2fLg=
wnd.com.1135114.js
jsc.mgid.com/w/n/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/w/n/wnd.com.1135114.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7dc0e38aae53ec15afb475a987476007023e1cd1102f288da4e503bae39b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-amz-version-id
5CynsfqHO1vAQDwl8kdBPqfsqMlVRB2Z
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
0K2N9A7BJ2RTRP07
age
550
cf-polished
origSize=2308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6XVjzvazwO9eAnItA0FStQlD7ayQhJ7hYZce9iKd1m1YTgP8UjW7xi3AHjaMNyuFbLpQW/8ePko=
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 17:29:59 GMT
server
cloudflare
etag
W/"133cd3530990796f157c39c45d6720bb"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
75442eba095c6916-FRA
expires
Mon, 03 Oct 2022 11:07:09 GMT
widget.js
cdn.userway.org/
1 KB
1 KB
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3419c40d6c330df291db358b298376c17d1106d91413da1a40956cb53a638167

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Mon, 03 Oct 2022 08:07:09 GMT
via
1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
VIE50-C2
age
529
x-cache
HIT
x-77-cache
HIT
x-age
3355
x-77-nzt
Abm0DAaBsoT/Gw0AAA
x-accel-expires
@1664784674
last-modified
Wed, 28 Sep 2022 11:58:53 GMT
server
CDN77-Turbo
etag
W/"fd0c822a4d0268c0a0456b539f493e92"
x-77-nzt-ray
EpsAm/yDL5A
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
5ikbx8fQlpenmObRNntim8aeaeZqhOuvilYOwEpHFexE8lFF_vU_FA==
ats.js
ats.rlcdn.com/
109 KB
38 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-53.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date
Sun, 02 Oct 2022 21:30:19 GMT
x-amz-cf-pop
FRA56-P6
age
38211
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
3chRCTUsEQMzUCKChaFS1eo7AmY2MI3Q0gKAU2ppST9vg8khL42qxQ==
wnd.com.1222091.js
jsc.mgid.com/w/n/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/w/n/wnd.com.1222091.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbd0e87d38896c20cb10c5e70a467b770f22981bb1e8d2d0094452a26c607bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-amz-version-id
X_xpx7aysxfiRL3CtccYvrq6G3lE3YIT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
QXXGCWAY0GTW6TV1
age
424
cf-polished
origSize=2308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
nPvNt3hmik22PjjHlln3MkRwUIMjwUewQxQOoiL1k81qoZP2TiK5XBH6ehr+NixuUVEPQKTpOPg=
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 17:32:45 GMT
server
cloudflare
etag
W/"331f5c28f9f9b3107fbb0791194bd65a"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
75442eba09626916-FRA
expires
Mon, 03 Oct 2022 11:07:09 GMT
jimmy-carter-huffpostlive-vid-600-jpg-340x184.jpg
www.wnd.com/wp-content/uploads/2018/07/
13 KB
14 KB
Image
General
Full URL
https://www.wnd.com/wp-content/uploads/2018/07/jimmy-carter-huffpostlive-vid-600-jpg-340x184.jpg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41a352fd34a7d6db55e61362ee66af6ef397f68acb101017e7657d4ee89cf6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Jul 2018 18:37:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5b43ab6d-34dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FA3m5u7hZcpQ3BapX4jq8nymiJmC22uWivAGE62ByPCeq97%2FmV3NSS2XWO7TSmh4d5W1R19AxA8qIxagvEwXXgJnOxGCwcJAL4dRegJ8%2FW96Oxn2XiQbbChj6p2ggR26b35JK86D3jOYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
75442eb98c5dbb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13533
enragedbidenscreenshot-345x181.jpg
www.wnd.com/wp-content/uploads/2022/09/
9 KB
10 KB
Image
General
Full URL
https://www.wnd.com/wp-content/uploads/2022/09/enragedbidenscreenshot-345x181.jpg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347915247efec5ec33a65a5481aed516b8e9107911c421b03e9aac14429e8af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 13:19:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
348
etag
"631202df-2563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z%2BYl8wS5dQL8RzwPvcRlC6%2BYqVpYpNSuhnk0za3xMUQ3W20jzZUc1fHS3czibY8nsWRsqq2zSDySznMJRY%2B%2BpvI5Efjz681FboId0VApbLBKI4pnfYOyVdcsHhRRW3llJ1Zkb79eR8n7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
75442eb98c60bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9571
American-flags-Pixabay-345x181.jpg
www.wnd.com/wp-content/uploads/2021/07/
24 KB
24 KB
Image
General
Full URL
https://www.wnd.com/wp-content/uploads/2021/07/American-flags-Pixabay-345x181.jpg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e8e948a2d38bff2f31aaf87feb8b09d27c18317b78d7dc5bd6f159f255ea3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
HIT
last-modified
Sat, 02 Jul 2022 21:13:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62c0b50b-5fe6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1xQhnoUKb7ABclcd5cSzfVjpMuT8R%2Fo4vnPdKrbd%2F%2FNjRh7SRoI9T8uoejY%2BvlibQNwg8bkMD5g%2F811%2B9CvR%2BiE%2BenPdE%2BNX907pSDVVxDcG%2FwQy%2B0QIpLZtXdCbmiNLaPVHmgkO3K21Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
75442eb98c69bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24550
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 10 Oct 2022 08:07:09 GMT
atrk.gif
certify.alexametrics.com/
43 B
552 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&time=1664784429029&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&random_number=21056130176&sess_cookie=e2cb02211839ce26fe4f03db458&sess_cookie_flag=1&user_cookie=e2cb02211839ce26fe4f03db458&user_cookie_flag=1&dynamic=true&domain=wnd.com&account=nnBqk1aUy100E7&jsv=20130128&user_lang=en-US
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 02:09:43 GMT
Via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P3
Age
21447
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
Kf1Eu538TWmWpawAtAClnCAj7p3-o6T5OmIu_wbXEkhTZS3BH7pvNQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.251.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-251-53.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
server
Server
e8f0b3d8-33aa-4a42-9467-867f8129c9ae.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/888d9f08-6811-40ec-95fc-ac103c950648/
163 KB
33 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/888d9f08-6811-40ec-95fc-ac103c950648/e8f0b3d8-33aa-4a42-9467-867f8129c9ae.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6a00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56de85fb0fbe41ad987565b379c2a261b6d489151c5dcd415f73717f453ccc99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
SV3TsvUyTZMunIXNaayYn5FrWh0fVyeN
content-encoding
br
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 27 Sep 2022 22:32:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
43
etag
W/"288f3b9fe37d2d4267fcc0da33c69547"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
W4THRF4TsCM5OfYjojzu8Z9-8hbivdRAcGDxz39qdv6oXFPhdvNSvA==
/
geoip.instiengage.com/json/
240 B
424 B
XHR
General
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.124.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-124-45.compute-1.amazonaws.com
Software
/
Resource Hash
1c5ef9a8aa5bc486dbcc4f491e7af43986cceda9640fa3d6d453972a220a084a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:09 GMT
access-control-allow-credentials
true
x-database-date
Sun, 02 Oct 2022 23:36:03 GMT
content-length
240
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame F7A0
75 B
466 B
Document
General
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ca00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
86
cache-control
max-age=300
content-length
75
content-type
text/html
date
Mon, 03 Oct 2022 08:05:44 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Aug 2022 12:46:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
x-amz-cf-id
cKn4xQADBBoWGJ_zDlcEoQLzeDALSdpppW3uLTN8JmY31f9ujsxlBg==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
wwuA1teHfpxnNE1op.J6Ishi5Ug48nVr
x-cache
Hit from cloudfront
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 1F2C
4 KB
1 KB
Document
General
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
69873
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
75442eb9c9659b7a-FRA
content-encoding
br
content-type
text/html
date
Mon, 03 Oct 2022 08:07:09 GMT
expires
Thu, 03 Nov 2022 08:07:09 GMT
last-modified
Tue, 05 Apr 2022 12:00:20 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 07:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 03 Oct 2022 08:26:07 GMT
authIframe.js
auth.instiengage.com/auth/ Frame F7A0
65 KB
22 KB
Script
General
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ca00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
bjKlbjl1idrb07_BYuQLp8gSlZzXUS_r
content-encoding
br
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:03:44 GMT
last-modified
Tue, 16 Aug 2022 12:46:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
205
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300
x-amz-cf-id
rghwzdmesDb_n8CSuIN8JYGRD_yA7KFVy8DFb5J3zHcDdzPxXHdm-g==
b
sb.scorecardresearch.com/
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=20480112&cs_it=b3&cv=3.8.0.210223&ns__t=1664784429107&ns_c=UTF-8&c7=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&c8=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&c9=
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
tW9C03uQ1GA4P8VNGYqEp4NWk1ELT0r_-_3H7-XXBc5Xjo5Zzcpa7w==
x-cache
Miss from cloudfront
sdk.js
connect.facebook.net/en_US/
305 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=afa8247f797f698eae4377f5c9f2c2fc
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cca9240352292cfb0df812adab56adbf84e03dcd05ba1ea159a9e506c117cebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 08:07:09 GMT
content-md5
3sff4x3uAzmb23wOEFZ9FA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88393
x-fb-rlafr
0
x-fb-debug
0Z4zCqMvs8FqZzcuDAtYBYwE9WRQNLnkapXuVEplJp79if5nefFMkdB94NTlKWRSCeEYelfO1/M4rwx8QeM62g==
x-fb-content-md5
a0588d9ebbe3130102b1c0a0fc662f6d
cross-origin-opener-policy
same-origin-allow-popups
etag
"1218f039ee844bd49d31fd6646776be1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Oct 2023 06:30:50 GMT
/
geoip.insticator.com/json/
240 B
424 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/888d9f08-6811-40ec-95fc-ac103c950648/e8f0b3d8-33aa-4a42-9467-867f8129c9ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
1c5ef9a8aa5bc486dbcc4f491e7af43986cceda9640fa3d6d453972a220a084a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:09 GMT
access-control-allow-credentials
true
x-database-date
Sun, 02 Oct 2022 23:36:03 GMT
content-length
240
vary
Origin
content-type
application/json
888d9f08-6811-40ec-95fc-ac103c950648.js
df80k0z3fi8zg.cloudfront.net/files/instibid/
288 KB
87 KB
Script
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:b600:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30de2e6c987e9d041cd6b12a4a4bb6f553f00d7e5e7922ac0b1fca4c63df9f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
rbdzjAdYrV1KH4SjyafIP2HVsJ5req2F
content-encoding
gzip
via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 27 Sep 2022 22:32:15 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
34322
etag
W/"cdf5aa344dca0897b8a98350653206aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CXyWsqzrNyhXbjXdxS6bJS81KPAJ8T-pLh4TS_2TGE3nIhN1nwnVtg==
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/
23 KB
8 KB
Script
General
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
content-encoding
gzip
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 02:26:22 GMT
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
20448
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
aPp2QmQWojdmMX3XJlToT1fUJ8R2TbM0e9Vsefdjyp2l4nUYe2KX1A==
config.js
cdn.confiant-integrations.net/GkEkQif6INZKXAE-PNQESRSrDNk/gpt_and_prebid/
76 KB
18 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/GkEkQif6INZKXAE-PNQESRSrDNk/gpt_and_prebid/config.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2632b3fbd3a53c9c1ad2112e29ebd24ef3f59d7d17e97f1825c726f556e3bb06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Oct 2022 06:28:11 GMT
server
cloudflare
x-amz-request-id
RA0VFVEWAECQ8KKH
age
245
etag
W/"c924b0f8cebf1ef34c43840a1026b11c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
75442ebae8b99c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6lzKamMrRpqIwZlHuEzx15jtUMue4Neb6cpcAw2HVFCZJFIdwIFkeZaassoYzf1BeXW6Pfr/Awk=
event
event.insticator.com/v1/
0
118 B
XHR
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/888d9f08-6811-40ec-95fc-ac103c950648/e8f0b3d8-33aa-4a42-9467-867f8129c9ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.100.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-100-196.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:09 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.100.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-100-196.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.wnd.com
access-control-max-age
3600
content-length
0
date
Mon, 03 Oct 2022 08:07:09 GMT
vary
Origin
config
c.amazon-adsystem.com/cdn/prod/
801 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.wnd.com&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6788f095682f1e59656329fcc0a057cc2db5155494119e3df6c50658210a21ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 02:37:05 GMT
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
19803
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
801
x-amz-cf-id
IkXT62Bdt98mOho6pa_4oHymKMdkv7jq1gVWwwyY0_gxgD9ekptW7w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 04:37:10 GMT
x-amz-cf-pop
FRA56-P6
age
12600
x-cache
Hit from cloudfront
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
0FhW9Od901vxFgx5cDeI9tH59pOzLY87DaOGEEodGSiPmmUs8m15kQ==
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-3977950-12&cid=2143463904.1664784429&jid=2069270554&gjid=1937553160&_gid=1954303079.1664784429&_u=aHDAiUAjBAAAAE~&z=1348738992
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 03 Oct 2022 08:07:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=1574939564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ul=en-us&de=UTF-8&dt=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiUAjB~&jid=2069270554&gjid=1937553160&cid=2143463904.1664784429&tid=UA-3977950-12&_gid=1954303079.1664784429&gtm=2wg9s0K3K9VP&cd1=http%3A%2F%2Fwww.wnd.com&cd2=0&cd3=700&cd4=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&cd5=runruh%40wnd.com&cd6=WND%20News%20Center&cd7=2022-08-19&cd10=0&cd11=0&cd12=0&cd14=&cd15=Education%2C%20Health%2C%20Money%2C%20Politics%2C%20U.S.%2C%20WND%20News%20Center&cd16=web&cd17=true&cd23=22&cd24=67&cd25=271&cd29=0&cd33=2022-10-03T08%3A07%3A09.70%2B00%3A00&cd34=1664784429070.xk1oz9v&cd37=false&cd38=&cd39=&cd40=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&cd41=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&cd42=5031823&cd43=standard&cd44=67&cd45=67&cd47=above_article&z=1882723373
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 21:13:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39229
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/
30 B
595 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.106.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-106-121.bud50.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 03:25:07 GMT
via
1.1 df153902fc47e450893ee30df220e710.cloudfront.net (CloudFront), 1.1 d667fe6bf9fe3fd5597714f8c6efee72.cloudfront.net (CloudFront)
x-amz-cf-pop
DUB56-P1, BUD50-C1
age
16922
x-amzn-requestid
0c00f2b7-2e55-4e10-b39b-0c29e22ecb72
x-amzn-trace-id
Root=1-633a5613-0ec90cef06c835821bdcdfbe;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
ZaJjJGhEDoEFSaw=
content-length
30
x-amz-cf-id
uyMLXM-eL3poOHE6bKWpaP8A10i_v5A5IypPphWJ7XV2LsZFRN2W3A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/
199 KB
61 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:07:19 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50753
accept-ranges
bytes
content-length
62062
expires
Mon, 03 Oct 2022 22:13:02 GMT
wnd.com.1222091.es6.js
jsc.mgid.com/w/n/
252 KB
74 KB
Script
General
Full URL
https://jsc.mgid.com/w/n/wnd.com.1222091.es6.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc6bfcf97a5ecac712579f8befdb7ab0f43d548b4b89849fbf307a6d58472e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-amz-version-id
Xxa8ioCd5_oAhnNm0hLUpRjBbhuONvVl
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
QXXJR5QVDHE0E5NW
age
5283
cf-polished
origSize=258318
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Z4Vjh4vk74sGREDacCUxKGhBGL9HaYPvYn2Ew8Gm+1joYRC2BiRZit6ljq6RAM081z32Qfg12zQ=
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 17:32:44 GMT
server
cloudflare
etag
W/"17cf9a66cf095ca37e82a59baf76860c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
75442ebb8bbe9b51-FRA
expires
Mon, 03 Oct 2022 11:07:09 GMT
wnd.com.1135114.es6.js
jsc.mgid.com/w/n/
266 KB
77 KB
Script
General
Full URL
https://jsc.mgid.com/w/n/wnd.com.1135114.es6.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed7b35b6198ddcae4a6acde583762bf5780b1fe304bf1e10e487badc4ed36e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-amz-version-id
win7FfMcdM3XQVrEyQ2NC4zj27Z5YS4s
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
0K2MQ9CMNQX86YTX
age
549
cf-polished
origSize=272074
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GXczKEByMWjhxWzjZaPWbX4wZFKpqllbyF+rPgnBbLdghCb4oSSSPgnPsnWp3q7KXy/mH+AEWIw=
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 17:29:58 GMT
server
cloudflare
etag
W/"ff3213998e7de140e318595cc33b0ffd"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
75442ebb8bc09b51-FRA
expires
Mon, 03 Oct 2022 11:07:09 GMT
rules-p-kZpd2WPpvPttS.js
rules.quantcount.com/
209 B
692 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-kZpd2WPpvPttS.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e1da269f119bd1587b464a2c73cae906c97a5b38cdb828688792231527c626e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:05:41 GMT
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
420
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Thu, 25 Aug 2022 02:01:22 GMT
server
AmazonS3
etag
"42903bcdfbe625fb5f27799838790d5c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
C6IfLFehcd2-oqmKT5T79bCBwmfhXCYAtzNLJuzETEMtWp5XpwxVUQ==
acv.json
calmcactus.com/
210 KB
46 KB
Fetch
General
Full URL
https://calmcactus.com/acv.json
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b14d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 03 Oct 2022 08:07:09 GMT
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Wed, 28 Sep 2022 16:03:01 GMT
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.wnd.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.js
static.adsafeprotected.com/
17 B
466 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
19850946
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
7x-tTq9Ekh8sbB0BTE6NZtuT6ijXdGtuH192c4Q7j3vxoIGQNQfZCQ==
/
onetag-geo.s-onetag.com/
555 B
970 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 09:30:06 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
age
81422
x-amzn-requestid
ce9159aa-3e4d-4177-85b6-73dbe3ac11f1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
ZXsE3EKciYcFXmA=
content-length
555
x-amz-cf-id
ZeBxMKl_6ffC5fUI58PS1E4NOVktHYu4XL-r4m91qF6g8DBoZ3_abA==
beacon.min.js
signal-beacon.s-onetag.com/
20 KB
7 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:00:01 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
429
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
MWapXc5Qv4wCxk_MGncfxMosH3cZCDAB0MYW7NhrBrnxHI4drWS-bg==
%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F
signal-segments.s-onetag.com/desktop/www.wnd.com/
0
286 B
Fetch
General
Full URL
https://signal-segments.s-onetag.com/desktop/www.wnd.com/%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-59.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
0
apigw-requestid
Zay3JjLyiYcEPNg=
x-amz-cf-id
F0yHep-CQr_MOyXKPLgRwS180qXfYW5AjKd6-vOTZ8x8NDLJkD1gbg==
www.wnd.com
signal-segments.s-onetag.com/desktop/
0
295 B
Fetch
General
Full URL
https://signal-segments.s-onetag.com/desktop/www.wnd.com
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-59.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 15:16:39 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
60630
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
0
apigw-requestid
ZYe1phg7iYcEMGg=
x-amz-cf-id
k-7pDTkBkfYPcGgcYwFk_aryOBaeYmpK83ukNqgnHgaNuZ9Kr8-lcQ==
widget_app_base_1664366167811.js
cdn.userway.org/widgetapp/2022-09-28/
126 KB
35 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2022-09-28/widget_app_base_1664366167811.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1a99b218dbb12e34c8d59e0fa44d6429ecdb119daa55bd10eeb30a7363abd698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Mon, 03 Oct 2022 08:07:09 GMT
via
1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
VIE50-C2
age
527
x-cache
HIT
x-77-cache
HIT
x-age
417502
x-77-nzt
Abm0DAb9Gfv/3l4GAA
x-accel-expires
@1690286927
last-modified
Wed, 28 Sep 2022 11:58:51 GMT
server
CDN77-Turbo
etag
W/"c68efc2f2e21cc14940c37922a1eb249"
x-77-nzt-ray
hII9v0JUVqw
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
OPsy5YQTavWjUB8QBFoornvhNLvo2o1JXbNCuWubN8JH-mvICdPmcg==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202209281849/
206 KB
65 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202209281849/wrap.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a29e9663d611a541179e74f99792d3eb7ce1e9f5199de0f47a4b9482590b129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Sep 2022 22:51:34 GMT
server
cloudflare
x-amz-request-id
J08C9ECHAFRTP4CZ
age
375770
etag
W/"40a9940b5ec91ef8bcd1682ead543dfa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
75442ebc38606969-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
q+78lZ3pE5Zv9bC1k5MJZjkCiKItllnCD8306vNVjGXGjwGWOOV4EDcHG86BXUdFOAdsV4OHuww=
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
460 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pid=ZE0nM1ba5Suhq&cb=0&ws=1600x1200&v=22.9.81452&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-cmt-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_1%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-1%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_2%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-2%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_3%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-3%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_4%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-4%22%7D%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2019001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
DMB4Q0D74WGB84MD483G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
co1qqr_ZCb8gsoFRizWKVqdP8le6alpJ6Q13tOJwA7RA_56zxxC0uQ==
pixel
pxl.qccerttest.com/
35 B
550 B
Image
General
Full URL
https://pxl.qccerttest.com/pixel?r=1608482989;fpan=1;fpa=P0-366855074-1664784429411;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=wnd.com;dst=0;et=1664784429410;tzo=0;url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f;ogl=locale.en_US%2Ctype.article%2Ctitle.Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big%2Cdescription.A%20court%20has%20ordered%20two%20disgraced%20judges%252C%20convicted%20and%20jailed%20for%20taking%20kickba%2Curl.https%3A%2F%2Fwww%252Ewnd%252Ecom%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-bi%2Csite_name.WND%2Cupdated_time.2022-08-20T13%3A27%3A49-04%3A00%2Cimage.https%3A%2F%2Fwww%252Ewnd%252Ecom%2Fwp-content%2Fuploads%2F2014%2F03%2F140316briberyshadow%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ewnd%252Ecom%2Fwp-content%2Fuploads%2F2014%2F03%2F140316briberyshadow%252Ejpg%2Cimage%3Awidth.600%2Cimage%3Aheight.300
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:cc00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 02:01:57 GMT
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P3
age
21913
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
yC0jLLobBHY30FCSoF0TwPFXsebplRW7cvdD_nwmqVYNKjIHr15R1w==
pixel;r=1153080349;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26u...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1153080349;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f;uh=2b2e810c2650318ae57ec03ce144a48b3c391eec5f4ba97535f7b2f3fafd1234;uht=0;fpan=0;fpa=P0-366855074-1664784429411;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=wnd.com;dst=0;et=1664784429413;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big%2Cdescription.A%20court%20has%20ordered%20two%20disgraced%20judges%252C%20convicted%20and%20jailed%20for%20taking%20kickba%2Curl.https%3A%2F%2Fwww%252Ewnd%252Ecom%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-bi%2Csite_name.WND%2Cupdated_time.2022-08-20T13%3A27%3A49-04%3A00%2Cimage.https%3A%2F%2Fwww%252Ewnd%252Ecom%2Fwp-content%2Fuploads%2F2014%2F03%2F140316briberyshadow%252Ejpg%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ewnd%252Ecom%2Fwp-content%2Fuploads%2F2014%2F03%2F140316briberyshadow%252Ejpg%2Cimage%3Awidth.600%2Cimage%3Aheight.300;ses=691c5094-985a-4010-a7ce-15be8bb512b6
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
openrtb
ex.ingage.tech/v1/ Frame
0
0
Preflight
General
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cc0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.wnd.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75442ebcdd88918e-FRA
content-length
0
date
Mon, 03 Oct 2022 08:07:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcDcTMZIBtqGOQ18Vx5REc%2FCO6NVfzLHx9BNvbSmiQ5T1J00xaI%2B26Bp6gs9TR4V3uzXGqV66s3qbUFQSO9YXLwmhbHRGE1L%2BRZ1LL%2FilRshG%2B0JN0ZMPNye4KDV%2BaQ86get%2Bv3EX44iPULjLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame
0
0
Preflight
General
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:09 GMT
server
nginx
fastlane.json
fastlane.rubiconproject.com/a/api/
668 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094%3B771342%3B771344%3B771346&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,7afb724c-10ef-44e8-8817-eb6f9a5668db,1,,,&rf=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&tg_i.pbadslot=wnd.com-div-insticator-ad-cmt-1%3Bwnd.com-div-insticator-ad-cmt-2%3Bwnd.com-div-insticator-ad-cmt-3%3Bwnd.com-div-insticator-ad-cmt-4&tk_flint=pbjs_lite_v6.29.0&x_source.tid=fb6d4050-a5cc-4a15-9b0a-7c8d682b3004%3B3f3b1959-25db-49aa-8aff-0f75bbf33439%3B9c7497ad-a492-413e-a0fa-2a94cc3830ff%3B91975b13-3939-45db-add1-e5608f0901c3&l_pb_bid_id=2135e93665f5c3%3B3c7d432eeda977%3B4551657033939f%3B538c6d75409f79&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=wnd.com-div-insticator-ad-cmt-1%3Bwnd.com-div-insticator-ad-cmt-2%3Bwnd.com-div-insticator-ad-cmt-3%3Bwnd.com-div-insticator-ad-cmt-4&slots=4&rand=0.35986683491678795
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ca972fc986f1159ca681e7f46855f50d42d6311401850e11c84ab51d3f0ef3af

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:09 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.wnd.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
668
Expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/
0
168 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 03 Oct 2022 08:07:08 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.wnd.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

hb
ssc.33across.com/api/v1/
0
0

openrtb
ex.ingage.tech/v1/
2 KB
1 KB
XHR
General
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf01bc48918b8cda994a523fae4f0bc4accbcb81876f2c35d744d0af6da912c

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4gkhmUI7wo69ncnRUtXghWyTszRSNmmwYKwbFEufoNb1J41KWaggkDb5AtUogLPjXKsfj18tZwDcvfm9MwY5vJhLN2j1gPwKc%2B6Y%2B0kIK%2Fr9Ho49CpCQDxO7NBNDvACW8dwjGPqOB8Twn5sjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
access-control-allow-credentials
true
cf-ray
75442ebe0e769954-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arj
insticator-d.openx.net/w/1.0/
73 B
375 B
XHR
General
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=698ddf53-4c97-4177-8efb-956a81c7c295%2Ca172e78e-9b8a-4f16-9212-afa51e4b151b%2C405b00b8-3d5a-4d6a-9de5-e0c89c4fe2b0%2C4d7223e5-4e2a-4a4b-a63f-9cb57998170d&nocache=1664784429442&pubcid=c4782799-d251-44df-b56e-a6d517b2c96c&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C1636a035900b929%2C%2C&aus=320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250&divids=div-insticator-ad-cmt-1%2Cdiv-insticator-ad-cmt-2%2Cdiv-insticator-ad-cmt-3%2Cdiv-insticator-ad-cmt-4&aucs=wnd.com-div-insticator-ad-cmt-1%2Cwnd.com-div-insticator-ad-cmt-2%2Cwnd.com-div-insticator-ad-cmt-3%2Cwnd.com-div-insticator-ad-cmt-4&auid=545638247%2C545638247%2C545638247%2C545638247
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d260be8d620406cd51bfc7496800d67991fe2cba83e273926a470bf4a96be397

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wnd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
114 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
insticator
insticator.technoratimedia.com/openrtb/bids/
0
291 B
XHR
General
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.29.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
189544684
access-control-allow-origin
https://www.wnd.com
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/213163/0/
0
159 B
XHR
General
Full URL
https://tag.1rx.io/rmp/213163/0/mvo?z=1r&hbv=6.29,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wnd.com
pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/
158 B
752 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2242ad857350484bd%22%3A%2267e3cb9fbd42c10e81aa%7C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dwnd.com-div-insticator-ad-cmt-1%22%2C%2243d7befd8a96992%22%3A%22741572349acf401913ca%7C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dwnd.com-div-insticator-ad-cmt-2%22%2C%2244bb2579823d94e%22%3A%22172be86018fae7b2e9df%7C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dwnd.com-div-insticator-ad-cmt-3%22%2C%2245c7d9015685667%22%3A%2286e9dabd58d64340e9cf%7C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3Dwnd.com-div-insticator-ad-cmt-4%22%7D&ref=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&s=b13fd60b-b971-4a4c-b961-16ec06a44042&pv=c93c231e-a9f1-4e4e-923b-7d74d19864b3&vp=desktop&lib_name=prebid&lib_v=6.29.0&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%227afb724c-10ef-44e8-8817-eb6f9a5668db%22%2C%22hp%22%3A1%2C%22rid%22%3A%221636a035900b929%22%7D%5D%7D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4f520303e1751d5fd512b813b2dd31c350a1218374a536cfe586255b1fde0ec1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-66
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
183
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/
405 B
816 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1664784429450&to=0&aun=div-insticator-ad-cmt-1&gpid=wnd.com-div-insticator-ad-cmt-1&maxw=336&maxh=280&si=81515&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C1636a035900b929%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.29.0%22%7D&ogu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&ns=10240
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.178.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-178-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5d867e07f532072c42bf95e01148048ef9c430401f1be7606558cda7dbbe0a04

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
405 B
816 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1664784429451&to=0&aun=div-insticator-ad-cmt-2&gpid=wnd.com-div-insticator-ad-cmt-2&maxw=336&maxh=280&si=81516&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C1636a035900b929%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.29.0%22%7D&ogu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&ns=10240
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.178.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-178-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6c8a2da252f28102c2783d4af0ff008cb087a9c2be481bda5eb949e8560ef4f5

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
405 B
816 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1664784429451&to=0&aun=div-insticator-ad-cmt-3&gpid=wnd.com-div-insticator-ad-cmt-3&maxw=336&maxh=280&si=81517&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C1636a035900b929%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.29.0%22%7D&ogu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&ns=10240
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.178.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-178-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c2449feade421f91c88d79c7966e4f36b2e5f25d2f5c4b4ee3edb8ccb61ffde2

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
405 B
816 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1664784429451&to=0&aun=div-insticator-ad-cmt-4&gpid=wnd.com-div-insticator-ad-cmt-4&maxw=336&maxh=280&si=81518&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C1636a035900b929%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.29.0%22%7D&ogu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&ns=10240
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.178.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-178-118.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4d4793b66175d4a2207817022b9c25a57813a453f712412f3021e2aa0dec255c

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
/
trends.revcontent.com/api/demand/
0
0

sync
trends.revcontent.com/
0
0

/
trends.revcontent.com/api/demand/
0
0

sync
trends.revcontent.com/
0
0
Fetch
General
Full URL
https://trends.revcontent.com/sync
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.196.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-196-113.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:09 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
openresty
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
zcLGaElsnz66E_0XW17lATbS8TDAGZUb6lf11I_HHAW8tntt26oGrdCFBXbc6NQJPzl2FHRUDXphGGQJN3CJPmnRCU7L4JNVEGjtjA4rT9Y6WvmLTj3_bnr3qVnom2tKB0nLzVIDVWmlr2WI3T6wx74O5cir5bqXhbSZ2MJwEeGrw6kcgO4b2Vg8dEal8AsV1A7rI...
aj2495.online/
1020 B
1 KB
XHR
General
Full URL
https://aj2495.online/zcLGaElsnz66E_0XW17lATbS8TDAGZUb6lf11I_HHAW8tntt26oGrdCFBXbc6NQJPzl2FHRUDXphGGQJN3CJPmnRCU7L4JNVEGjtjA4rT9Y6WvmLTj3_bnr3qVnom2tKB0nLzVIDVWmlr2WI3T6wx74O5cir5bqXhbSZ2MJwEeGrw6kcgO4b2Vg8dEal8AsV1A7rIV0Ohh-qsCAZI6yF1YU08Z3dvEYpIt-sh2zfidT0GfbFSCTQx9sETMdSdFyk1MvzOBILhHVkBXws-QfBxy-WZHuB2SANcMLt4h9TtZX9ilvOLqd10SM8lQQH7VO9tVVRcHiMoF6eDIrDZeLA4vVI6oNGs9ScaAUb6qsG7QO3XKUz6h2Me3Vp4DukGev1DEmhA7HBJNHy-g84CXGJrOVjyUWazCRFFnch9yWE478f0OC4uIsd4Uuk8zfQjGET1Be0JPgVMz-Vd8OhiRZgrfGjRUExWRISqmP2tJuS1RnrdmqPJDVzbnzrUeq3kxRuzICxRR1-1wWdUlTR6jhrCK9tRAJ-z0g0VrJuoWlXzB-o9QdC3kkqqdNz5b4zduIbD6MgkXoxR3KHS0hL0Ssz_TU89XDcSCG2oU9agq6k9o-9VBiYW-hO9Eq_3d20XFuyEwRoquTFyVY0FzEPyvc7qRJt5hVkJYkZ7CcmdEQ0qQw0Qsg2m0hCQcc3ND8ruAD7cyYrAAwtsfFRUPlpqRIWhz1pBqkrtH0JriwLkTUsRPDyb2TpOGPA?
Requested by
Host: cdn77.aj2495.online
URL: https://cdn77.aj2495.online/1e02c7fa.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
b160d41fa5c36c7660374027a6d5315a49f719c9a3e580e363a0505cc038b2b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
p3p
CP="CAO PSA OUR"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1020
expires
0
zlqvfmbsWdcSszagBWQB_MFB1O0-UDfwdVTXA7BUp7PXJZu94rn3TiSLW5Zsebug2mH9Y_EFMBziHOlpAJaADr1WaVgz6xbCVNOECA-Kx5CFJh1buufmo5X5VkZgQy41dcmfGJASt5u-oIO3Lbqjjvq6mninrVyItzYeMGFEtHjTegYGJ6G7IDhdmuy9TqvQWvODy...
aj2495.online/
1022 B
1 KB
XHR
General
Full URL
https://aj2495.online/zlqvfmbsWdcSszagBWQB_MFB1O0-UDfwdVTXA7BUp7PXJZu94rn3TiSLW5Zsebug2mH9Y_EFMBziHOlpAJaADr1WaVgz6xbCVNOECA-Kx5CFJh1buufmo5X5VkZgQy41dcmfGJASt5u-oIO3Lbqjjvq6mninrVyItzYeMGFEtHjTegYGJ6G7IDhdmuy9TqvQWvODyvnHpwMxrJ0ccXAUp7XopChoyBjgV8wWalr1wP_6kbg39Vm9L0I7g77dfBVTatP_p4ZFgk9fLmfIOVg6spPHbCGGZzZu2qFcJASKvASuQ8-S_7rrCtQyo2vNP5uYO7UupgYQRtZdRk63hBpGNrGqQ5BIaeCDH7y5bT3DZjQL0A5vykq3Ekv5MDbci1LV8Nq0qT2tsgQ3BdiGLHEeHp9Nq-C2Kr0CVp7ZwUSLmF989ex_SuvxLcHuhWYDW0v0-t3zjeIM18_9aqpL-UjAQbSi5lg0moi5_LN5V14Teu8qUPjFctnZuUt2giW8QzsGOOIgy6aFSaNs5br64wf5EL-L_j5I4s87GANsANc5NFlED9soIes3d9vmE0tOWwvyRSNvFkVvuxVDjYI7uzcSn42V1pq8dSdAQTdmNK0SbB1uzdxQw5SkcnQ3-a2ZgRtzUAYMe5IWXMqhq7JhUl0C0knpTCVt51OMQ_hcSjC766lnAYRxmMJKzq4OebX45eTCebfAofmet1-ROsz9BK1pWknoeijyuUX0xJjr9BigzOGmcjmdGTPA?
Requested by
Host: cdn77.aj2495.online
URL: https://cdn77.aj2495.online/1e02c7fa.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
00b19569e4adf70abf9f9aa26a9a092bc64b9484b1c83077953b818c7598b70b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
p3p
CP="CAO PSA OUR"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1022
expires
0
zns1QR8SArAJ33Y_EcCisEnQhcsb1M08Q5vkoAYYKRODA9Mswls_x6n4oYynMgAdDmuyNfqqsLr4AWq2qDAepRe4Xn1UshN2ugj2EsHe1JWufnlr-tG4lz6G2QHiCss4MHsm-14l3aFxGa6MOD8NLPePuiGFxJvngQEjuHxXFYVESeErF6PA0fqTde6KVSisYxXtl...
aj2495.online/
1022 B
1 KB
XHR
General
Full URL
https://aj2495.online/zns1QR8SArAJ33Y_EcCisEnQhcsb1M08Q5vkoAYYKRODA9Mswls_x6n4oYynMgAdDmuyNfqqsLr4AWq2qDAepRe4Xn1UshN2ugj2EsHe1JWufnlr-tG4lz6G2QHiCss4MHsm-14l3aFxGa6MOD8NLPePuiGFxJvngQEjuHxXFYVESeErF6PA0fqTde6KVSisYxXtl-FGL6YxKdFlb9yoerFUHWXV-q1yX9f4SzWLJPzJ9eSPXE6KpOChqhcvCGIzXQQhPx7dnJmmuDveFFBlJBJ18sf-OdICXPhQ4_Hm3mC89_GrviU8FbD773Vfg0qsUIcVA3Yfgubsnzy5n9CADDV4dDhU6l272LATFN1T7q__tlVIepHSx8O4MlFsMyxR85Wl0d9ZxcnW-8zIPiDrvAR5E7fQCYLanky6rQmUTsqqC67_T8RZDr9l7NrlNBorXTMJijR2FSBwkAO0RDPOqf8y69Ktck95SLkETaWlZjTFeifx02Cd6P_7EBCiuFborCTjm6kiUJY3lnqMUNbXBgQAyyafBUbLFPX1O3XX7DXpXlhtKyc9J6piPKNvOJoNhOdsZjXAAFu-tYbf6u4faV0LbYDKCghY9wPrif3z75H7kEXREWoUWFa9VxssJV8c45RCoJM9AQfgVLP41JNNbsitQNyOyrwC4TSroIz_S_UcFWdIRvqkmM1NDJ5c1G8Nqw0NlHFybHqEHE4bKnJttTasKN4ZFKwLF_pl8utjTbj6bizhOGfU?
Requested by
Host: cdn77.aj2495.online
URL: https://cdn77.aj2495.online/1e02c7fa.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
40bbdc8e50baf24d959cc2361e1696d2f99b758a37c887a42e9d8de7b21184b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
p3p
CP="CAO PSA OUR"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1022
expires
0
zVaTJNIz97UtrOj6rIg_7eZdDIm9KGhFRsN_e_DVnIQKkCDyR3A5eBuvz7hpY9Qeq8Itwh27dk-QyI5ucRVurHEKfuQ7H6p0fc_oNMImk7kYgrbOFzjERzvfUKPl6YVCmPoDiOt18kH9NCiupZn82FOEKpIAXXMjqhQkdxkfgDaod6iVaBNOnjbKnvk2UG70KtQHO...
aj2495.online/
760 B
1 KB
XHR
General
Full URL
https://aj2495.online/zVaTJNIz97UtrOj6rIg_7eZdDIm9KGhFRsN_e_DVnIQKkCDyR3A5eBuvz7hpY9Qeq8Itwh27dk-QyI5ucRVurHEKfuQ7H6p0fc_oNMImk7kYgrbOFzjERzvfUKPl6YVCmPoDiOt18kH9NCiupZn82FOEKpIAXXMjqhQkdxkfgDaod6iVaBNOnjbKnvk2UG70KtQHO6q1XjMowBvzb2XBwoSnmQMsfiprhlqAlyVhBHK-HFsDkkk9OO4cnKq2yZWHS33g1iLEZkYQB0l9uWmx2py44lNJ4SkZkYQUCYROCt_mZyxs0o-ND_kBrkyrb_JcDmtcdL4KjW_KaoUR4FdPubBs8N7SD1g8j8fOum3YF3O-jk0qzQuGJSgfvNWPpvy8KZ0Wkg4TR5lIjA7dBTxEgO7-j2uvtDEcIybvc2Whui2aWXBEnFgbaxuSlMb9kc_vS00aJ2lSLbDBHP2s9T8CDYNIcJ9a1I8uzieMXjydNcWem6NkAxEOiBaUJr2xW9F4P9meufrmzpuRfqR4faBg3pk5MTvgdV4gYc3cEpQZqqFg97O_KMpHlcB0SUjTHU0bmG-a6JDV6QPIZH-gMfSuE70z8YnU6A6fNulgIuioEthcIN3YRg-5EyoWFdgTfou3EwvkGAIR0C1Qp-1j_NqjY7IfbXSHFw4RV_EdeIcM4t434kE3lWTERXeF7OoIcS3_dMb5Qg0kPFUGL38TJF2rA5safszH8G6XGX68fX6UKaW2fiT1FTKg?
Requested by
Host: cdn77.aj2495.online
URL: https://cdn77.aj2495.online/1e02c7fa.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
aafe174d122ef7d3d206b8e7566ad9beb0a5c3d41f1268dba01ff7f71412f0e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
p3p
CP="CAO PSA OUR"
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
760
expires
0
ehuh3OLB7U
api.userway.org/api/tunings/
1 KB
1 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/ehuh3OLB7U
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-28/widget_app_base_1664366167811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.226.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-226-224.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
22ad449d86a9647dfacc778dc0b73e3959a96743bf9b40870c5c05272a299901

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
etag
W/"401-8NeQpiKtSep8g2RdsW6IA5Ugwlo"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
1025
x-service-version
uw-pr
3426bc68-0231-4f40-ba78-7b32bd48bf6e
https://www.wnd.com/
0
0
Other
General
Full URL
blob:https://www.wnd.com/3426bc68-0231-4f40-ba78-7b32bd48bf6e
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
49a76a69-6601-4438-a73f-b01aa17cfd3a
https://www.wnd.com/
250 B
0
Other
General
Full URL
blob:https://www.wnd.com/49a76a69-6601-4438-a73f-b01aa17cfd3a
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
5115b8a1-d678-4b07-9dde-5409bb883830
https://www.wnd.com/
0
0
Other
General
Full URL
blob:https://www.wnd.com/5115b8a1-d678-4b07-9dde-5409bb883830
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
01f9c586-003a-44a8-83bf-5f803a5535eb
https://www.wnd.com/
250 B
0
Other
General
Full URL
blob:https://www.wnd.com/01f9c586-003a-44a8-83bf-5f803a5535eb
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/
0
43 B
Script
General
Full URL
https://c.mgid.com/pv/?tcfV2=1&pv=5&cbuster=1664784429644912770075&uniqId=0615f&consentData=&gdprApplies=1&lct=1664323200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&lu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&sessionId=633a982e-049dd&pageView=1&pvid=1839ce2724c834ded92&site=542038&implVersion=11&dpr=1&tfre=891
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75442ebd69f46916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
5cf3f173-8a0c-4ad9-aeb4-a63356928783
https://www.wnd.com/
1 KB
0
Media
General
Full URL
blob:https://www.wnd.com/5cf3f173-8a0c-4ad9-aeb4-a63356928783
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
6dd449a9-0e1f-4672-b436-6dd065e5cb1a
https://www.wnd.com/
1 KB
0
Media
General
Full URL
blob:https://www.wnd.com/6dd449a9-0e1f-4672-b436-6dd065e5cb1a
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:09 GMT
x-envoy-upstream-service-time
2
Server
openresty
Connection
keep-alive
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:09 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:09 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
4
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:09 GMT
x-envoy-upstream-service-time
2
Server
openresty
Connection
keep-alive
vary
Origin
/
trends.revcontent.com/api/delivery/
17 KB
8 KB
Fetch
General
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=113544&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&icr_url=&va=0&user_uuid=undefined&time=1664784429666&up=pc&bn=chrome&bv=106&widget_width=301&style_id=0
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.196.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-196-113.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
f7e959694480b76a506ab2b13a5e01f431506c81700a060dd0eab33cf5e41af0
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
content-encoding
gzip
strict-transport-security
max-age=931536000; includeSubDomains
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
7611
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SG1V0WFRNKXC6R
age
264
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
75442ebd8a336916-FRA
expires
Tue, 04 Oct 2022 08:07:09 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
885 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SYWNNYNESPJ6F1
age
4704
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
75442ebd8a316916-FRA
expires
Tue, 04 Oct 2022 08:07:09 GMT
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:09 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
/
trends.revcontent.com/api/delivery/
0
0

api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:09 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
1
servicer.mgid.com/1222091/
2 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/1222091/1?tcfV2=1&pv=5&cbuster=1664784429719819047784&uniqId=0615f&consentData=&gdprApplies=1&lct=1664323200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=728&h=90&maxw_2=351&maxh_2=87&cols=2&ref=&cxurl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&lu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&sessionId=633a982e-049dd&pageView=1&pvid=1839ce2724c834ded92&implVersion=11&dpr=1&tfre=966
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c49139aff552e160be48d18bb59af2cab6893b8ab920dd24725d1b66f6f68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
75442ebdeb216916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1135114/
6 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/1135114/1?tcfV2=1&mp4=1&ap=1&w=836&h=578&maxw_3=270&maxh_3=249&cols=3&pv=5&cbuster=1664784429723461348535&uniqId=00740&childs=1135118&consentData=&gdprApplies=1&lct=1664323200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&lu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&sessionId=633a982e-049dd&pageView=0&pvid=1839ce2724c834ded92&implVersion=11&dpr=1&tfre=971
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8ea1d31523b7ec5f2609cc44ea6ceaf1c2737096251e90d4c1f03f41770f2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
75442ebdeb1c6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMjUzMDgvMzU5M...
s-img.mgid.com/g/13801735/492x277/-/
18 KB
18 KB
Image
General
Full URL
https://s-img.mgid.com/g/13801735/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMjUzMDgvMzU5MGFjODU2YzQzNzQ5NWU3MmVkZmFiMjRhNmIwNGQucG5n.webp?v=1664784429-7A74h6zKukxc0zBfUvr_wFdjI-8LN1wrDalyrzPocc4
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab2e236a9d9c8ab68da49e83a457d58223c9485146143695b11a71e27936035

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Aug 2022 10:03:43 GMT
x-mg-request-uuid
c2c4fffd-a88d-4690-91ba-e3da1024cec4
server
cloudflare
age
4140199
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf7b5c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17982
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC81NDcyNTgvMWIxO...
s-img.mgid.com/g/13758158/492x277/-/
20 KB
20 KB
Image
General
Full URL
https://s-img.mgid.com/g/13758158/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC81NDcyNTgvMWIxOWRmYWYzOTVmMjJmNDI4ZGU0MjU1YmRjMGVmNTcuanBlZw.webp?v=1664784429-IPL3COco4RO-35woKS0PIOylK32KNWszO-ziamkpAXI
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7b6dea2948ba4a844b009a81ff2eeaa134b64ed11a568ecac5b795a99a5f41

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 05:55:32 GMT
x-mg-request-uuid
49ce99fd-2227-4007-92e1-3f6b784a6e87
server
cloudflare
age
3315
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf7c5c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20046
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS80MzkwMjkvYjQyZ...
s-img.mgid.com/g/14171218/492x277/-/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/14171218/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS80MzkwMjkvYjQyZWI2MjNhMGU1YWQwY2E1ODdiMmMyN2UyMWEzMzUucG5n.webp?v=1664784429-glHCNfhHc1ijwTWcsIVTjQXaxkVzcFkQI8E-63NbG1Q
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a945358d0b8f02497da00b71789a72716da71e387711b640e2b17be954bd8c

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 07:18:20 GMT
x-mg-request-uuid
0f061a4c-222a-4d7d-9516-c445e6dfdd90
server
cloudflare
age
3444
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf805c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11800
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmJlc3Qsd18xMDIwLHhfMzAyLHlfMjIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5L...
s-img.mgid.com/g/14170903/492x277/-/
15 KB
16 KB
Image
General
Full URL
https://s-img.mgid.com/g/14170903/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmJlc3Qsd18xMDIwLHhfMzAyLHlfMjIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzcyODE4Mi9kMjAxNDk0YmNiMjMzOWVmYjVkZTc2ZTMwN2M3NmU2NC5wbmc.webp?v=1664784429-knsX2JQ017jWuRwhg-h29Os61eRrKg31rnkbdh9Ic20
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6971fb1c62ccd7e9bd00028f5b08d6d702862a2cb1034518e49bbcfc0f69317b

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 05:48:23 GMT
x-mg-request-uuid
3e267815-e35d-4956-8ef6-853b5d432f01
server
cloudflare
age
10446
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf815c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15454
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2Y...
s-img.mgid.com/g/12290497/492x277/-/
19 KB
19 KB
Image
General
Full URL
https://s-img.mgid.com/g/12290497/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi80NjY0ODAvMmYyYmU3MjljZjlhODM2YTM1NzFlMzgzY2U0MjYzZTIuanBn.webp?v=1664784429-l8_DQWhdo-8_FT8g6SM0J1CMdfz-Iu2oDObK1NVYxK8
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Mar 2022 09:30:40 GMT
x-mg-request-uuid
94231bca-7f0c-42c7-9ec7-1c4bd73d6380
server
cloudflare
age
1271588
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf835c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19450
38684f6cbd690e419e31102566aa390b.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-09/715813/
525 KB
526 KB
Media
General
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-09/715813/38684f6cbd690e419e31102566aa390b.mp4?v=1664784429-SYd9_hZTlbcsA9siJ31VJgtYWNOUCO9sL6X2TrD99Oo
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98553ce7f487901b260f522822f9bd471ab513f41b7bbeb0ff8f22f286df0a26
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wnd.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
cf-cache-status
HIT
age
1802508
Content-Range
bytes 0-537239/537240
server-timing
fastly;dur=1173;cpu=0;start=2022-09-12T09:02:09.283Z;desc=miss,rtt;dur=2,cloudinary;dur=1167;start=2022-09-12T09:02:09.285Z,cld-id;desc=38cd22361c4b8fe58b9f43d7e6cd71b7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
537240
x-request-id
38cd22361c4b8fe58b9f43d7e6cd71b7
last-modified
Mon, 12 Sep 2022 09:02:10 GMT
server
cloudflare
etag
"9e9f2283fe44825ce15fa25d506093ca"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
75442ec0bc8a9096-FRA
expires
Tue, 03 Oct 2023 08:07:10 GMT
i.js
cm.mgid.com/
0
101 B
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1664784429832832166559&consentData=&gdprApplies=1
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
75442ebe9c806916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame E441
0
60 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1664784429839397537077&consentData=&gdprApplies=1
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
75442ebeac966916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/
56 KB
16 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
BNJ6QE5JEPQ6QZQN
age
2584
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75442ec0c8d19b49-FRA
x-amz-id-2
hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEyNTMwOC8zNTkwY...
s-img.mgid.com/g/13801735/492x328/-/
22 KB
22 KB
Image
General
Full URL
https://s-img.mgid.com/g/13801735/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzEyNTMwOC8zNTkwYWM4NTZjNDM3NDk1ZTcyZWRmYWIyNGE2YjA0ZC5wbmc.webp?v=1664784429-sunbHZ1cmEvE_wa3yW6vHU9lr2VjQU7YCnY_htpWKJM
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5242c5bd412e09706a648a14e02859bd43637b825767bb555f92a14b347758

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Aug 2022 10:03:40 GMT
x-mg-request-uuid
85523cb7-8ba6-41f1-8cae-f30e35f90f57
server
cloudflare
age
4140210
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf795c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22062
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzQzOTAyOS9iNDJlY...
s-img.mgid.com/g/14171218/492x328/-/
14 KB
14 KB
Image
General
Full URL
https://s-img.mgid.com/g/14171218/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzQzOTAyOS9iNDJlYjYyM2EwZTVhZDBjYTU4N2IyYzI3ZTIxYTMzNS5wbmc.webp?v=1664784429-yFDrQhTwAS92gs4NLoKwB3qPU9G16qYyvSAgS66j9HE
Requested by
Host: www.wnd.com
URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf27bcc78a9f8ee97d26a0958b4e2bfd804f93d2f308aa560ec962f19639566a

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 07:15:10 GMT
x-mg-request-uuid
8b15ffd0-6fe8-4a6a-9153-683c2ee402ec
server
cloudflare
age
3463
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec0bf755c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14472
ajs.js
cdn2.decide.dev/_js/
7 KB
3 KB
Script
General
Full URL
https://cdn2.decide.dev/_js/ajs.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2a00:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 02:17:44 GMT
content-encoding
gzip
via
1.1 google, 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified
Sat, 01 Oct 2022 23:36:58 GMT
x-amz-cf-pop
FRA56-P2
age
20966
etag
W/"1a40-18395e9014c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
kxCetSDt7Ib5ZanSJNQODhIXNK6PV1LMG1ItylF8PyhOkRjizaT6bQ==
z3G3UswqADdHtvxK-sYSoehS0L7aVTP9IS3a8pvxFdP1HmuvMrPUZsCoS-g6LOr5OrQr9d_7rpplpUAHx1raWoevU5ytzryf2wH6t1D0xsXEjXywKs0Xne2xHetmWACnM9nrpeRw5woxnRaYNNTtOKFR0mE_jo_nPEaL0vKZKOMVE0L3QtsbZ13FonmLybR9FnoQ6...
aj2495.online/
43 B
511 B
Image
General
Full URL
https://aj2495.online/z3G3UswqADdHtvxK-sYSoehS0L7aVTP9IS3a8pvxFdP1HmuvMrPUZsCoS-g6LOr5OrQr9d_7rpplpUAHx1raWoevU5ytzryf2wH6t1D0xsXEjXywKs0Xne2xHetmWACnM9nrpeRw5woxnRaYNNTtOKFR0mE_jo_nPEaL0vKZKOMVE0L3QtsbZ13FonmLybR9FnoQ6rNT8MVZEi1jbJn7DfFK2jcAvzLyHtmewuUALrfwUVoF85I14Rxb07BItR2llX4SlKHo49rUG4_Bo3paRxs8tlUlKAP5x1v7eu2oC9QIB2oJhWIffuFgsxoRkDdkS_f9Kv-JNzcdWfTrA0Qiu4CDFdoaYFcdd7UwpoMkvsIfjg5NQ4v5ydrXYaHof9tU_PIv_XJIGOrqJ1yypWA?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 16 Aug 2022 09:47:02 GMT
etag
W/"43-1660643222000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
zPsskqXiZTdpWiRafeEcG3pxlMIIq3ZiP1xThcBOcHzoiga4KfhRB28nEGc6Twigwb_Fq-laPjR7EEhYHH49NBphezD1bquwxqe6eL8_sJZcdLOirSCxPpTEPg5wm51PMRtBmTbyUkj6PtEUlQ-L1-1ieMNPbKalO7t50I7gU7qunzU32HN1j_4oOMSP0_aqsDb0U...
aj2495.online/
43 B
510 B
Image
General
Full URL
https://aj2495.online/zPsskqXiZTdpWiRafeEcG3pxlMIIq3ZiP1xThcBOcHzoiga4KfhRB28nEGc6Twigwb_Fq-laPjR7EEhYHH49NBphezD1bquwxqe6eL8_sJZcdLOirSCxPpTEPg5wm51PMRtBmTbyUkj6PtEUlQ-L1-1ieMNPbKalO7t50I7gU7qunzU32HN1j_4oOMSP0_aqsDb0UyT1l3osdHI6uV7QEsy9GjIp4J4XvJeVEW5KMMGGxrvIN0f01NysL7hIYaFw7BeETSm2e8mkXtNaxmZwN1V8SlxfTjtROKKjd-Y1yyyGHgZQ9BHnWyz45zIEP1QW79Qw9BydUpDYZIOOh7BaUdkoeUXo-DkM-CySj6bo01BkdrX_T18K7DSKYGZUeHAJtjY1w3-4eHh1RRDCl?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 16 Aug 2022 09:47:02 GMT
etag
W/"43-1660643222000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
zTlSEyJZTUwHMiNdnwPBFTkw1w07rInl7t29Elmg6q53lzluQ7Sp60cpyyY7dRV50JrneSYvyCTiRE7KAa9xnLb8vrVHYPv2MZi5SaW4TTsIaCS7x4VEV4fh1JyjzClo4XbDO1qA1wVlcO2E8jHJ0KVkLAK0Ut_fh5CNFQmuRydrjMgpQqCmIMjhlBBAsRUKDzkyQ...
aj2495.online/
43 B
510 B
Image
General
Full URL
https://aj2495.online/zTlSEyJZTUwHMiNdnwPBFTkw1w07rInl7t29Elmg6q53lzluQ7Sp60cpyyY7dRV50JrneSYvyCTiRE7KAa9xnLb8vrVHYPv2MZi5SaW4TTsIaCS7x4VEV4fh1JyjzClo4XbDO1qA1wVlcO2E8jHJ0KVkLAK0Ut_fh5CNFQmuRydrjMgpQqCmIMjhlBBAsRUKDzkyQD5y6g5b5FV2jcY8spkwpqMlaSXjpJymOHTvaXSFDMXjiMeiT1pS0ulJjXVbmoSJO9Qpm2bYKXhYNcmDz7zvJGQocWMeVsQM1_1oGTNWlA8AALVPvfDHRqWi-_TMcG5vwYiO2R7A-iMMIQo4kKn8rswZ3T40BQ9GvEp0fNv9oaQ3iHNmkMH5_QHAzlN7esP_INrJAikbQ4kQX?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 16 Aug 2022 09:47:02 GMT
etag
W/"43-1660643222000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
wnd.com.1269477.js
jsc.mgid.com/w/n/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/w/n/wnd.com.1269477.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc48ef35dadcc4c9680732f95fb46e2fb041df2d88c34904de49013894f9593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
x-amz-version-id
xZz.DXjZHSb12KgklNXHBV1aiA6ASB5T
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
RRQ1AAEC09AASWE9
age
2312
cf-polished
origSize=2308
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
CXrAKdJ5xJ2Q+lHT+2XgqubHQu/wAID5UZf3u4tiHId34G7/ZvUT2blNN9FiXnQqWW5je0eOGlY=
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 17:34:55 GMT
server
cloudflare
etag
W/"48be77216767c76b7a6c6bc3355775fa"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
75442ec18a809b51-FRA
expires
Mon, 03 Oct 2022 11:07:10 GMT
zatu6ho4qs4W-3HxBP_CwSWHtMlRgoWVkqMUizGR3eSNoxeUZqrnBTgLIDUqr_ghbULs3cXm-2ZW6cm35FtLACDZ6ef7_jbqaLpsyXe2NbA8i16udqHpTKczUxx4EEoMjUBld0wLhhhrihbdIIY7anIAS9CeXmrWfoPEpyWaHuRrV-8R-jFMBAcGGtR7pWIFzrpyj...
aj2495.online/
43 B
510 B
Image
General
Full URL
https://aj2495.online/zatu6ho4qs4W-3HxBP_CwSWHtMlRgoWVkqMUizGR3eSNoxeUZqrnBTgLIDUqr_ghbULs3cXm-2ZW6cm35FtLACDZ6ef7_jbqaLpsyXe2NbA8i16udqHpTKczUxx4EEoMjUBld0wLhhhrihbdIIY7anIAS9CeXmrWfoPEpyWaHuRrV-8R-jFMBAcGGtR7pWIFzrpyjA-CAXjB4nC0O4eH309AlAkQakwWMpvLh_h8TpWSXRf69_eBZy75EtyTk_rHrxHT_XFDEkcV2HYIOSfq-IzDiwjktGMxFtjnwETb-7dqH6qzeCZaKsJo8mY_FJW6A73mgQcjE9aTSx_GFWUjq2rH-dztwf0u46QCxxFZKTf5GfYPSzJggGNRDbg0WQ1sutrYx5fmIAd8b2QNG?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.69 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:09 GMT
last-modified
Tue, 16 Aug 2022 09:47:02 GMT
etag
W/"43-1660643222000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
wnd.com.1269477.es6.js
jsc.mgid.com/w/n/
261 KB
75 KB
Script
General
Full URL
https://jsc.mgid.com/w/n/wnd.com.1269477.es6.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7727f1995354ee2eed4d7e7602acb0038dc1b9dd924ce9807710ebb54012c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
x-amz-version-id
6d_iBUb7NrVUag3D2FYuep57d4.jhLEa
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DQRFAF54A1SM2E5B
age
2931
cf-polished
origSize=266903
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
BTpohsAxLuLN2SW8FhLGNuFagQ6jXiswIbPwn1y3D/+Qc9GEMCG6pWTzIgUxwq9LyNhh6XxiA1k=
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 17:34:54 GMT
server
cloudflare
etag
W/"6a614f84285aed83a9d9e3f85f3c8a61"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
75442ec1db269b51-FRA
expires
Mon, 03 Oct 2022 11:07:10 GMT
en-US.json
cdn.userway.org/widgetapp/2022-09-28/locales/
433 B
807 B
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2022-09-28/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-09-28/widget_app_base_1664366167811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Mon, 03 Oct 2022 08:07:10 GMT
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
content-encoding
br
x-amz-cf-pop
VIE50-C2
age
527
x-cache
HIT
x-77-cache
HIT
x-age
417501
x-77-nzt
Abm0DAZSuWX/3V4GAA
x-accel-expires
@1690286929
last-modified
Wed, 28 Sep 2022 11:58:51 GMT
server
CDN77-Turbo
etag
W/"0c4b53012957584c54e80867ff489590"
x-77-nzt-ray
GnNxdAFgC1g
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
https://www.wnd.com
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Origin
x-amz-cf-id
LJKB0MLp12bvZkF7gIWGoGg7WBXMLgiM1aPzD3zMbIfKYt4EYB2mQA==
88c5fadd-6f64-456f-bf83-104f77d8c9f2
https://www.wnd.com/
0
0
Other
General
Full URL
blob:https://www.wnd.com/88c5fadd-6f64-456f-bf83-104f77d8c9f2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
24bb2cba-9be6-4ce5-9654-548ef5b9cacd
https://www.wnd.com/
250 B
0
Other
General
Full URL
blob:https://www.wnd.com/24bb2cba-9be6-4ce5-9654-548ef5b9cacd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
15366210459998054
decide.dev/lad/ Frame 1B8C
1 KB
1 KB
Document
General
Full URL
https://decide.dev/lad/15366210459998054?pubid=ld-5929-8744&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=1145&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1376
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:10 GMT
via
1.1 google
12119975259523686
decide.dev/lad/ Frame 3EC8
1 KB
2 KB
Document
General
Full URL
https://decide.dev/lad/12119975259523686?pubid=ld-4520-5072&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=836&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1376
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:10 GMT
via
1.1 google
14487621883606118
decide.dev/lad/ Frame 36E3
1 KB
1 KB
Document
General
Full URL
https://decide.dev/lad/14487621883606118?pubid=ld-4593-8411&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=836&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
1376
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:10 GMT
via
1.1 google
3e9147c6-8a0a-40f9-9b28-07319043a1aa
https://www.wnd.com/
1 KB
0
Media
General
Full URL
blob:https://www.wnd.com/3e9147c6-8a0a-40f9-9b28-07319043a1aa
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SG1V0WFRNKXC6R
age
265
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
75442ec3cf989b51-FRA
expires
Tue, 04 Oct 2022 08:07:10 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1008 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SYWNNYNESPJ6F1
age
4705
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
75442ec3cf9a9b51-FRA
expires
Tue, 04 Oct 2022 08:07:10 GMT
1
servicer.mgid.com/1269477/
1 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/1269477/1?tcfV2=1&mp4=1&ap=1&w=300&h=250&maxw_1=300&maxh_1=250&ident_p=true&cols=1&pv=5&cbuster=1664784430718311969110&uniqId=13b3e&consentData=&gdprApplies=1&lct=1664323200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F&lu=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&sessionId=633a982e-049dd&pageView=0&pvid=1839ce2724c834ded92&implVersion=11&dpr=1&tfre=1965
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914092ae9d0f8bab6a904e432aa6bb057b9d794105cb44e8b76bf5de3fb502b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
75442ec4186b9b51-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SG1V0WFRNKXC6R
age
265
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
75442ec499c09b51-FRA
expires
Tue, 04 Oct 2022 08:07:10 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1008 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
31SYWNNYNESPJ6F1
age
4705
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
75442ec499c69b51-FRA
expires
Tue, 04 Oct 2022 08:07:10 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS80MzkwMjkvYjQyZ...
s-img.mgid.com/g/14171218/492x277/-/
12 KB
12 KB
Image
General
Full URL
https://s-img.mgid.com/g/14171218/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS80MzkwMjkvYjQyZWI2MjNhMGU1YWQwY2E1ODdiMmMyN2UyMWEzMzUucG5n.webp?v=1664784430-mElhZZo6r1OWyu4-Rgp0Q9xLhMvV2wgLjUhvoD-cZPc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a945358d0b8f02497da00b71789a72716da71e387711b640e2b17be954bd8c

Request headers

Referer
https://www.wnd.com/
Origin
https://www.wnd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 07:18:20 GMT
x-mg-request-uuid
61478f9d-4e67-41b2-93bf-f1db7f2ae626
server
cloudflare
age
3430
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
75442ec4cc1a9054-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11800
id5-api.js
cdn.id5-sync.com/api/1.0/
56 KB
16 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:10 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
BNJ6QE5JEPQ6QZQN
age
2584
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75442ec499f19b49-FRA
x-amz-id-2
hJmPwVJFjVRFjjxB02rGj7iGRK80JkfiG0N/xC3qR9uTKG4G8bnSsVqbVVPjooGi44s5hsva9Y4=
dc.js
stats.g.doubleclick.net/ Frame 3EC8
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/12119975259523686?pubid=ld-4520-5072&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=836&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:55:33 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 03 Oct 2022 09:55:33 GMT
dc.js
stats.g.doubleclick.net/ Frame 36E3
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/14487621883606118?pubid=ld-4593-8411&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=836&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:55:33 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 03 Oct 2022 09:55:33 GMT
dc.js
stats.g.doubleclick.net/ Frame 1B8C
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/15366210459998054?pubid=ld-5929-8744&pubo=https%3A%2F%2Fwww.wnd.com&rid=&width=1145&utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:55:33 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 03 Oct 2022 09:55:33 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wnd.com%2F&domain=www.wnd.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 03 Oct 2022 08:07:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
490801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wnd.com%2F&domain=www.wnd.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=F18Hh3xQWTNweFdhZmdkM3hPWjJvNGdOQnpCSnU1SFFCRnJLM1BVbklQTVJWaHNwMFNqWUdDQUxjcHRMdjNYSURTS2JORnRoQTY3T1pSQmlYZ2lIUFIzRGJpS3hXL3NWN1doOXcyYmw1S29DK1hLaTlxcGM1ZWZxbm03Vl...
327 B
624 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=F18Hh3xQWTNweFdhZmdkM3hPWjJvNGdOQnpCSnU1SFFCRnJLM1BVbklQTVJWaHNwMFNqWUdDQUxjcHRMdjNYSURTS2JORnRoQTY3T1pSQmlYZ2lIUFIzRGJpS3hXL3NWN1doOXcyYmw1S29DK1hLaTlxcGM1ZWZxbm03VlQxb1kvRXN5MVg2VGNpNFQrSkpZdDhkWXhJVmFPeStQbEtXY2VHa2Y0NkloaTNVNDBlTXV2b1VCYW1pd0g2eEphcDlwTGh2ajR1TEpJMTFuZ1h1WHJocG1UVnFUTitEZXZKV1VLSGovZGFYemdaemlPMk9nPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ed6eed286328fc77c2e3c3827dac2bb85657b3103f18e6e9ef0e253a538a454c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1291111
expires
0

Redirect headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=F18Hh3xQWTNweFdhZmdkM3hPWjJvNGdOQnpCSnU1SFFCRnJLM1BVbklQTVJWaHNwMFNqWUdDQUxjcHRMdjNYSURTS2JORnRoQTY3T1pSQmlYZ2lIUFIzRGJpS3hXL3NWN1doOXcyYmw1S29DK1hLaTlxcGM1ZWZxbm03VlQxb1kvRXN5MVg2VGNpNFQrSkpZdDhkWXhJVmFPeStQbEtXY2VHa2Y0NkloaTNVNDBlTXV2b1VCYW1pd0g2eEphcDlwTGh2ajR1TEpJMTFuZ1h1WHJocG1UVnFUTitEZXZKV1VLSGovZGFYemdaemlPMk9nPXw&cppv=2
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
691092
content-length
0
expires
0
938.json
id5-sync.com/g/v2/
216 B
621 B
XHR
General
Full URL
https://id5-sync.com/g/v2/938.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
3302bb80d02728cf95285cd0125bf6bc4af73273a5d081ec558e07ac9ac2c434
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/
63 B
334 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.218.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-218-252.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
63463d38193c6497075ed9082a633b513cbeddce5dd8bc3e23645cda0481bca3

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.wnd.com
cache-control
no-cache
x-server
10.45.2.14
access-control-allow-credentials
true
content-length
63
expires
0
rid
match.adsrvr.org/track/
63 B
388 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
d3d80c90059ffbbd3d467217d57da976efae6fee6bb63190a7dd688b18b67aff

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 02 Nov 2022 08:07:12 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
80 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c3d5671eb464c4040b864da705012965774556b2515837a216e8f205e257f28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27690
x-xss-protection
0
server
sffe
etag
"1352 / 786 of 1000 / last-modified: 1664575501"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Oct 2022 08:07:12 GMT
backfillad
dashboard.insticator.com/embeds/ Frame BF4E
0
0

backfillad
dashboard.insticator.com/embeds/ Frame BF4E
0
0

backfillad
dashboard.insticator.com/embeds/ Frame 3596
1 KB
846 B
Document
General
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
03d3da807ce37cd9529f35fb5480a14ff4d860c8d9935254749f5614049275f5

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
697
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:12 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame FE30
0
0

backfillad
dashboard.insticator.com/embeds/ Frame FE30
0
0

backfillad
dashboard.insticator.com/embeds/ Frame C3C8
1 KB
836 B
Document
General
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
03d3da807ce37cd9529f35fb5480a14ff4d860c8d9935254749f5614049275f5

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
697
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:12 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame AA7E
0
0

backfillad
dashboard.insticator.com/embeds/ Frame AA7E
0
0

backfillad
dashboard.insticator.com/embeds/ Frame 6F00
1 KB
839 B
Document
General
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
61d6f011e98dcbe8df2f3401ecde97e94f8c739f7d02473a5afbdb457714cbee

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
700
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:12 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame D92B
0
0

backfillad
dashboard.insticator.com/embeds/ Frame D92B
0
0

backfillad
dashboard.insticator.com/embeds/ Frame 4B67
1 KB
837 B
Document
General
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
adcf36b1f771f81ac0abac840def18c4263c38e56f78a58735534415c7e32b00

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
698
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:12 GMT
vary
Accept-Encoding
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/
35 B
351 B
Image
General
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1664784432481&site_uuid=888d9f08-6811-40ec-95fc-ac103c950648&hostname=www.wnd.com&ad_unit=wnd.com_Web_300x250_cmt_1&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:800:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 21:18:45 GMT
via
1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
38913
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
mWkpFB3r-qM1OpNBiMOlUbtx9Of5gIdrKYhm7VUpTg3jRsl_F-26RQ==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/
35 B
350 B
Image
General
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1664784432489&site_uuid=888d9f08-6811-40ec-95fc-ac103c950648&hostname=www.wnd.com&ad_unit=wnd.com_Web_300x250_cmt_2&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:800:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 21:18:45 GMT
via
1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
38913
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
11a4-pghevpFO_XR0MiDceWtTVGZBuxgJazPblMRLHBZIWT_LGc6yQ==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/
35 B
350 B
Image
General
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1664784432498&site_uuid=888d9f08-6811-40ec-95fc-ac103c950648&hostname=www.wnd.com&ad_unit=wnd.com_Web_300x250_cmt_3&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:800:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 21:18:45 GMT
via
1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
38913
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
fCZ3UrsyYf45I_cbvIouKZA8l96e_vOZ-ZB327-YFbfnPmT-RQBM1w==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/
35 B
349 B
Image
General
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1664784432506&site_uuid=888d9f08-6811-40ec-95fc-ac103c950648&hostname=www.wnd.com&ad_unit=wnd.com_Web_300x250_cmt_4&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:800:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 21:18:45 GMT
via
1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
38913
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
xGDoSmT3BnsSiPwMl8ACCe-mnSxhhggywpvBAy0bo1ugZnog9N0ytw==
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=F18Hh3xQWTNweFdhZmdkM3hPWjJvNGdOQnpCSnU1SFFCRnJLM1BVbklQTVJWaHNwMFNqWUdDQUxjcHRMdjNYSURTS2JORnRoQTY3T1pSQmlYZ2lIUFIzRGJpS3hXL3NWN1doOXcyYmw1S29DK1hLaTlxcGM1ZWZxbm03VlQxb1kvRXN5MVg2VGNpNFQrSkpZdDhkWXhJVmFPeStQbEtXY2VHa2Y0NkloaTNVNDBlTXV2b1VCYW1pd0g2eEphcDlwTGh2ajR1TEpJMTFuZ1h1WHJocG1UVnFUTitEZXZKV1VLSGovZGFYemdaemlPMk9nPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 03 Oct 2022 08:07:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
528073
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pubads_impl_2022092701.js
securepubads.g.doubleclick.net/gpt/
378 KB
128 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 01:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131011
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:38:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Sep 2023 01:26:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
326 B
178 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wnd.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
228d4871dfc7449dc55658c8366352e7b3e820fc7f6ec848272a05a0ef455fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
expires
Mon, 03 Oct 2022 08:07:12 GMT
70e5d3e6515e54f63f7bedad090ceeb8-0.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 3596
14 KB
14 KB
Image
General
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/70e5d3e6515e54f63f7bedad090ceeb8-0.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:45:42 GMT
etag
70e5d3e6515e54f63f7bedad090ceeb8
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
14092
70e5d3e6515e54f63f7bedad090ceeb8-0.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame C3C8
14 KB
14 KB
Image
General
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/70e5d3e6515e54f63f7bedad090ceeb8-0.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:45:42 GMT
etag
70e5d3e6515e54f63f7bedad090ceeb8
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
14092
4920d8201547a5353954c565acf67a80-1.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 4B67
17 KB
17 KB
Image
General
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/4920d8201547a5353954c565acf67a80-1.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:45:42 GMT
etag
4920d8201547a5353954c565acf67a80
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
17054
analytics.js
www.google-analytics.com/ Frame 3596
49 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 09:15:57 GMT
analytics.js
www.google-analytics.com/ Frame C3C8
49 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 09:15:57 GMT
analytics.js
www.google-analytics.com/ Frame 4B67
49 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 09:15:57 GMT
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 6F00
11 KB
11 KB
Image
General
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.179.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-179-172.compute-1.amazonaws.com
Software
/
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:12 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 17:45:42 GMT
etag
c5d26e53d9d3243a25799e2b768bfe1d
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
analytics.js
www.google-analytics.com/ Frame 6F00
49 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 03 Oct 2022 07:15:57 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
3075
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 03 Oct 2022 09:15:57 GMT
loader.js
static.instiengage.com/app-loader/static/
Redirect Chain
  • https://comment.instiengage.com/live/loader/loader.js
  • https://static.instiengage.com/app-loader/static/loader.js
127 KB
35 KB
Script
General
Full URL
https://static.instiengage.com/app-loader/static/loader.js
Protocol
H2
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12cf4dfddba9d224681e1a2d91ef02501364f74d3886a0e4a26665e7587d41b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
BC0dRvIwRkzXSnbBXSVDuEkCe.VaP5SN
content-encoding
br
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:10 GMT
last-modified
Tue, 23 Aug 2022 11:24:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
7
etag
W/"139b06cb1ddb020957cdfb3c15774bd4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=60
x-amz-cf-id
aqailmygGRI-PXBXu-XqmrzJBwJQpETq3wBFNXO0Yh9q6JbuuiDH6g==

Redirect headers

date
Mon, 03 Oct 2022 08:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2%2BJks%2Fh7cCtsDrVUHJL7HbjD8%2B6qdP%2B1aUzcqxTwHXST8yYkasrIY6Tm3AtHcIbeFCJjFkikO346jwx1CQFkjp4H%2BIJ9dWaVQ9AoE3rS%2BNYOr8yb2aHpgUz1fD1P0wZ%2BcA3MVAvO2hgacn3%2BbEHqtNDSv%2FWDg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.instiengage.com/app-loader/static/loader.js
cache-control
max-age=3600
cf-ray
75442ed9181b9048-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 03 Oct 2022 09:07:14 GMT
getContentIdByUrl
comment.instiengage.com/live/comments/api/comments/
79 B
650 B
Fetch
General
Full URL
https://comment.instiengage.com/live/comments/api/comments/getContentIdByUrl?integrationId=888d9f08-6811-40ec-95fc-ac103c950648&pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&extPageId=5031823&imageUrl=https%3A%2F%2Fwww.wnd.com%2Fwp-content%2Fuploads%2F2014%2F03%2F140316briberyshadow.jpg
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235f8916406f2b09a51f4d9576b50e4bccf23d116be0a2802f05a2741e573966
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
requestid
ad834fcf-17bb-4e5f-a4c0-2153a0c14cb1
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1%2BD%2FVDBaX3YZQSDHGezqXLav4q7nWDWJ%2BnsxmB0QgpoJFP53LFXWLVXDAiQGZ7jRdNt9vyRxXcTHHbIlA8LyiZK2mJBi%2BStPqaEwKnkzPZNHmaRk11c0CkGZCwP0ahK%2BlZRR8kHVysvBdHUL0E4hO5%2BLQrLOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wnd.com
access-control-allow-credentials
true
cf-ray
75442eda6a379a2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v2qdrp_d0vdgUawGb8q8QyCWbH41H_NICAHKmGHXWJf8i8UV5TPp-Zk_XLOi3gc1m9kL_9K6wog
calmcactus.com/
2 B
28 B
Ping
General
Full URL
https://calmcactus.com/v2qdrp_d0vdgUawGb8q8QyCWbH41H_NICAHKmGHXWJf8i8UV5TPp-Zk_XLOi3gc1m9kL_9K6wog
Requested by
Host: calmcactus.com
URL: https://calmcactus.com/v2bxlVYgfmBS0Q0hJWcJTDskRbVLCttqKoP9bvXwc_tFUDjZsRV50oiEJtqnYmDGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b14d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 03 Oct 2022 08:07:14 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 03 Oct 2022 08:07:13 GMT
v2nqfoMbj_bhHEUMmGbLM7_cPNeQYI-LMDehs64boNxmdsK5-txzdC2cgziKKtMZ614tuXbmM
calmcactus.com/
191 B
218 B
Fetch
General
Full URL
https://calmcactus.com/v2nqfoMbj_bhHEUMmGbLM7_cPNeQYI-LMDehs64boNxmdsK5-txzdC2cgziKKtMZ614tuXbmM
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b14d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e1c43fe95d2f0c8a87bab438e74e3354047e028ed06529a5346408fd1dcd9782
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 03 Oct 2022 08:07:14 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 03 Oct 2022 08:07:13 GMT
v2hgh_OmVj4dCstCq6bqILoSgVjiHiQgBVoElg1wb_7Hl0HCryQHj8Hy4bUqqazhcNFmIPER6
calmcactus.com/
500 B
525 B
Fetch
General
Full URL
https://calmcactus.com/v2hgh_OmVj4dCstCq6bqILoSgVjiHiQgBVoElg1wb_7Hl0HCryQHj8Hy4bUqqazhcNFmIPER6
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b14d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e08cf3cf3803970e3a67dad6201655006c5172b57d0d0a004eb09ed9005fa9f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 03 Oct 2022 08:07:15 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
500
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
page
comment.instiengage.com/live/comments/api/ Frame 6B2B
87 KB
22 KB
Document
General
Full URL
https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f3e143cd14977f8661b37069c3cdb2517dd43bfcf5086566dcad61f97d1a4f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75442edd6e09912a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0GaigHwZBUZDHECrzPjd%2BJg40YHKWxBI46%2Fm6ULcCuEwHu0cHJIlvLYlrLWvbJ8VdpejBDNwmSPj1DShmboBsrzal%2FCqy6uC%2Bx0GbrsxBZnuThGr%2BP2dRh59%2F9awzpNj1%2Fw%2FMgNs%2B2ObX5DhNJsv3JySnigug%3D%3D"}],"group":"cf-nel","max_age":604800}
requestid
d2214c77-8452-4978-b916-7157c3f7d12d
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
369.json
id5-sync.com/g/v2/
216 B
621 B
XHR
General
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
0076853e981c2b22d99e8a131c791d4c0e123ba074a7492c72f1da3a0470b2b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/
63 B
387 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
826f31570be6107d9f952800434f48426c614b4b6d4aa0c43b4ddd5a5541a4f5

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 08:07:15 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 02 Nov 2022 08:07:15 GMT
envelope
api.rlcdn.com/api/identity/
0
251 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 03 Oct 2022 08:07:15 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.wnd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 3DCD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
994f33dced877618bb90509432c7ce2105e8a3566f0e1a43c7cb187655bac901

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75442ee40bc7d2c9-CDG
content-encoding
br
content-type
text/html
date
Mon, 03 Oct 2022 08:07:15 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA2unaeqVdbHTNdLKxekk1MmOuiI%2Fydl6aiiDGxYDA%2Bh4QsbOAUB1qdKXBPx90AkcjrZ%2BIRHqVNo%2F5cy%2Ft5aIQDYMDSX3o3ME56jO%2BDJMOtAdF5D0ESrLWQ4Cn1EnRbVCFTIcuLGCSNczg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75442ee38a376901-FRA
content-length
0
date
Mon, 03 Oct 2022 08:07:15 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9Pw88MV8n9%2BQkAIIp52r4p77dz%2BK92RSBsMo1sn9Mm3VXjxGBtpIkwG5ssgE%2F%2FcXu26IBEhvxnhNJZ%2FtnvBWqrtcUJIXqZ7DYqX18jOnVBBJGlfWiCXjChRqjSZbkinuquMMTjj0CYqcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DACE
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Oct 2022 08:07:15 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
rubicon
ex.ingage.tech/v1/syncPage/ Frame B62F
951 B
871 B
Document
General
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=de345507-9a43-4474-9310-307efa4f46e2&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75442ee33df49954-FRA
content-encoding
br
content-type
text/html
date
Mon, 03 Oct 2022 08:07:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRx%2FLE8S3%2FqwjE%2FMWd2xEuaovyk7pkpnD9Nn0Dg2aR6bqIfuyqEoH73wLds0vKpoayORcUJF15cH7RqpG9qyCFZ6JzXSzkQjYq6cm0%2FwYoxyizT2vPLn4WckTmyWasope9Sks3QTN2wqeMsofg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 18E8
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101987
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 03 Oct 2022 08:07:15 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 04 Oct 2022 12:27:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E6B8
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3DPM_UID
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101987
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 03 Oct 2022 08:07:15 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 04 Oct 2022 12:27:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame E675
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 03 Oct 2022 08:07:15 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generic
match.adsrvr.org/track/cmf/ Frame 611D
Redirect Chain
  • https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3DUCFUID
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6473ca0d-500a-35da-91cc-47b20b919779?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-KBvR3VFE2oWxedUZz9IJmM7uNVhxk9RviYpQZH0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 03 Oct 2022 08:07:16 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

connection
close
content-length
246
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:16 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
vary
Accept, Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 5EC4
22 KB
8 KB
Document
General
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.29.0
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC1D) /
Resource Hash
6619c3c9eaf6738dc2e1921e0682e82f4a5b0ac44a6b33d89812f576bc31ab41

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
743
cache-control
max-age=900
content-encoding
gzip
content-length
7250
content-md5
lcpePTe6AerpIQfSuw35Lg==
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 08:07:15 GMT
etag
a24e35b4-9daf-4886-8cb8-e752aec17db7
expires
Mon, 03 Oct 2022 08:22:15 GMT
last-modified
Thu, 25 Aug 2022 17:39:51 GMT
opc-request-id
iad-1:_VcDEyELfcXIrOPb63oVDuSPprUmoyBy_u6LaPBd5nGdeU8z1tss5rJ4JtkqFn6g
server
ECAcc (amc/BC1D)
storage-tier
Standard
vary
Accept-Encoding
version-id
47726d7f-1be6-4a83-a43b-588c3e43b197
x-api-id
native
x-cache
HIT
de345507-9a43-4474-9310-307efa4f46e2
ex.ingage.tech/v1/sync/betweenx/ Frame 4399
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D%24%7BUSER_ID%7D&crf=1
  • https://ex.ingage.tech/v1/sync/betweenx/de345507-9a43-4474-9310-307efa4f46e2?uid=b368fe16-8a29-5214-9476-f632f74c6e01
0
0
Document
General
Full URL
https://ex.ingage.tech/v1/sync/betweenx/de345507-9a43-4474-9310-307efa4f46e2?uid=b368fe16-8a29-5214-9476-f632f74c6e01
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
75442ee3efb99954-FRA
date
Mon, 03 Oct 2022 08:07:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc1rSmZCpPkyL%2FN9WjGkNbxnnALDtCWvYqtbLrO2n%2BWrXa1yUjqn1uzcNUCb82cQ%2B22I19TPyN%2BBloyCaJOWCfGVtme7t7FYnYbYWvMfgjYib9BiTiAAQOrqf45G8qF0ijAJa3ZMwpywSpwYbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://ex.ingage.tech/v1/sync/betweenx/de345507-9a43-4474-9310-307efa4f46e2?uid=b368fe16-8a29-5214-9476-f632f74c6e01
generic
match.adsrvr.org/track/cmf/ Frame 57C9
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=de345507-9a43-4474-9310-307efa4f46e2&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1664784435907
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=959552875
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=959552875
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.wnd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 03 Oct 2022 08:07:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 03 Oct 2022 08:07:15 GMT
etag
RX37e33516563646d3bdd2fd8a08490f19003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=959552875
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
9.gif
id5-sync.com/s/441/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 03 Oct 2022 08:07:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
css2
fonts.googleapis.com/ Frame 6B2B
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://comment.instiengage.com/
Origin
https://comment.instiengage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Oct 2022 08:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 07:03:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Oct 2022 08:07:15 GMT
upvote.svg
static.instiengage.com/shared/reactions/ Frame 6B2B
24 KB
19 KB
Image
General
Full URL
https://static.instiengage.com/shared/reactions/upvote.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41a17e937ad1280edb17ba6dc49ed70676cccdab3be42cf183b51b8287aff5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
ftmKnfWw4ZbF0KLsmY_2Fl3gha37vmkN
content-encoding
gzip
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:15 GMT
last-modified
Thu, 11 Aug 2022 09:56:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
34
etag
W/"568980b2c62cdeb3d0607cc701779b95"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
qQ1r8ry6H5g-HNaWvVb5ZLyvIjKqO-86ocIBiL7OU9SBIKrfVeKNJg==
app.js
static.instiengage.com/app-comments/ Frame 6B2B
Redirect Chain
  • https://comment.instiengage.com/live/comments/static/app.js?v=0.0.76
  • https://static.instiengage.com/app-comments/app.js?v=0.0.76
2 MB
432 KB
Script
General
Full URL
https://static.instiengage.com/app-comments/app.js?v=0.0.76
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Protocol
H2
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf929d38842802dfceed4b409b48145f6cece9900357e1bb1a9fe22e5c6e1543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
ytOdQ7aLZIfTx2c24w58PB51WM0Z8IFX
content-encoding
br
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:06:40 GMT
last-modified
Tue, 23 Aug 2022 11:24:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
36
etag
W/"a17a7d98ab16b20480304bfc1a6a3f5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=60
x-amz-cf-id
1kbsr42XeO7AEcG188nyUlPZj4S-Ox_FxDK7f2aDJkq1fzoYinfaYA==

Redirect headers

date
Mon, 03 Oct 2022 08:07:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHd1ANYBnQiv%2BHPFkEB2ylbcPgIRKxvCZHRjcr1DbMaVsIZZKBEL7nsIu%2F0iiURskbY6%2F6vFQXDpE1LE8KoCHm20vUdu2BHU05kVgwS8EWXZrIZwIsMUocsAEfWbEvtSxWuUQkrUMqrA5F50tuvTyfG4UB5djw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.instiengage.com/app-comments/app.js?v=0.0.76
cache-control
max-age=3600
cf-ray
75442ee3ad67912a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 03 Oct 2022 09:07:15 GMT
css2
fonts.googleapis.com/ Frame 6B2B
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 03 Oct 2022 08:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 06:19:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Oct 2022 08:07:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 18E8
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68259804&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:14 GMT
content-length
0
truncated
/ Frame 6B2B
721 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
65e23210-48c6-11ec-b700-d55a5377fa9f.png
static.instiengage.com/auth-service/profile/64066430-7c15-11eb-961f-f3ec33e7b430/ Frame 6B2B
22 KB
22 KB
Image
General
Full URL
https://static.instiengage.com/auth-service/profile/64066430-7c15-11eb-961f-f3ec33e7b430/65e23210-48c6-11ec-b700-d55a5377fa9f.png
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f1f970f18f03cf8b24cc921215510102cb3912b53415cd363f076d07167eb0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
10O2UKFhupwiwyllKL7ZgQA4og1c9Bd9
date
Mon, 03 Oct 2022 08:07:17 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified
Thu, 18 Nov 2021 23:22:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"c76f6f6c3e34f95a0cc44a04fbba7811"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
22275
x-amz-cf-id
bmJGIcbmvffovM7nrqeJeQfS89DuhxTHOE4XK7Ngve8tucHvcJmoSw==
news-13.svg
static.instiengage.com/avatars-v2/ Frame 6B2B
929 B
1 KB
Image
General
Full URL
https://static.instiengage.com/avatars-v2/news-13.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17bd91c17b7ce6aa3381331d96a48c3cdda81a7af8589c373a9bf2ef533639b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
c9VUQ51ubxqcZ5s_3.Lyk35KXA5uDYyH
date
Mon, 03 Oct 2022 08:07:15 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 13:39:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
65
etag
"4cdf67f82f16a240ea0ea1585fda69cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
929
x-amz-cf-id
SPaR1VeYTKH8AAQjPbY-PWgANMS5DaFoWh_8AjXrd3YONx5PmyFKKg==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 6B2B
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://comment.instiengage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:50:24 GMT
x-content-type-options
nosniff
age
566211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 18:50:24 GMT
truncated
/ Frame 6B2B
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
498816005d8208962ab899a1b152ef0d87e3424532728368fa71da24796d47c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
usync.html
eus.rubiconproject.com/ Frame B62F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=de345507-9a43-4474-9310-307efa4f46e2&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=de345507-9a43-4474-9310-307efa4f46e2&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Oct 2022 08:07:16 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 03 Oct 2022 08:07:15 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame DACE
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 08:07:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66111
Connection
keep-alive
Content-Length
9421
Expires
Tue, 04 Oct 2022 02:29:06 GMT
vendors~editor.js
static.instiengage.com/app-comments/ Frame 6B2B
251 KB
49 KB
Script
General
Full URL
https://static.instiengage.com/app-comments/vendors~editor.js
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d9bbaefeb78a48f25cab040c5b7c5c7efb6bd2db5e7909f558124b08919062a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
IAd9yykSXS0WLOtu3BlFsFbIzA1_BFII
content-encoding
br
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:16 GMT
last-modified
Tue, 23 Aug 2022 11:24:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32
etag
W/"23363115917094eb2fff7d2b428f2d33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=60
x-amz-cf-id
442zvno_Qae6p6grBZ_JS57n5IUPilmy9BUBxcuZiOJGyVEGZ-wHUg==
editor.js
static.instiengage.com/app-comments/ Frame 6B2B
23 KB
8 KB
Script
General
Full URL
https://static.instiengage.com/app-comments/editor.js
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5600:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3538776a55c419cdf03421322a243bd2d47939e1c2a896b085004346006cb262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
B5.f0iSGULSMMY.lxW8Opd7gxcDI6Wlg
content-encoding
br
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date
Mon, 03 Oct 2022 08:07:16 GMT
last-modified
Tue, 23 Aug 2022 11:24:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
32
etag
W/"64fb5e532b0c66c302d484594db6b0e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
max-age=60
x-amz-cf-id
ZYR4m5ljsgyMdv8JLPSSfREIzzGIjTXOzwA1w5hRwEuPm5I8G7LPjw==
dcm
s.amazon-adsystem.com/ Frame 3DCD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGJSCHTJHXH6F633TRVB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EWJPTM20VKTZG5E7471A
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3DCD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEExd513pmAqipthZ6nbE7D8&google_cver=1
43 B
845 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEExd513pmAqipthZ6nbE7D8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmIXc3%2FSMRgbAUJYB1%2BbzHIFOOcTQR7UD9U9BUS%2BovJ%2FVVr6M%2BsRbP8D2sPEoUuHUmArz1WcfphmL%2BxXTsP0BAH1g1t6NCYnuHA5QaKp1MtyyhpO5R9p5yB8pC0gKJVawT1DRccHc4xEyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75442ee81b1cd2c9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEExd513pmAqipthZ6nbE7D8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3DCD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzqYMyCrn790lfkiaSlA8AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJbhxlA_J5Bgk9fKRHvSJcA&google_cver=1
43 B
882 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJbhxlA_J5Bgk9fKRHvSJcA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmQEGq72y3lLQbS7T6hFUrbYp6J%2FlOlmx%2BMfQRy2mPKAjDAQHADbVSVe4GxeBJPHDkiwHBA6wH6TA5tiT3l%2FWAJSQBjvUqzlOut0qdzwSEJxW96%2FSTHSKNFP1%2BJMA0iM9GWixUUsbYszDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75442ee84fa6d62a-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJbhxlA_J5Bgk9fKRHvSJcA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3DCD
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3DCD
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419371645675
43 B
429 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419371645675
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFe5axq92K%2BnuIEu7to0cIKSyLESwIwNuGiw2bqs9HdZg8WBdlStfFybJuXqWFK56lIbqUJ6HJMBPvcURs6gKxE9WHGR3nHvNvdvRpsNRV1MsFAP4wv6fFqJFnLYuUBCY6CtUpfR%2BBs%2FyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75442ee73dc599b6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419371645675
Date
Mon, 03 Oct 2022 08:07:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 3DCD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6281404486374392508
43 B
418 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6281404486374392508
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnBrmGPiw%2F0E3mHqwAFqHmR9khKQxlPkqP6b9k8FZr5e%2Fa5HikzTn20aEUg2nVfDySVKL%2B%2Bexlora1aoYLL6OTxFhRrXhmmkb1X9FEiVM4TIaK5zqxLzWSqfUsMPovf1skbE26fhnYwLKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75442ee76e0599b6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:16 GMT
AN-X-Request-Uuid
7f4a107b-2e2a-4600-81b4-8d227ae20126
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6281404486374392508
Connection
keep-alive
X-Proxy-Origin
193.27.14.36; 193.27.14.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 3DCD
0
131 B
Image
General
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75442ee71b9d6940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
crum
dsum.casalemedia.com/ Frame 3DCD
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8c84bc6b-0ae6-823a-9a75d38a
43 B
956 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8c84bc6b-0ae6-823a-9a75d38a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H2
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrK7GOJ3AJabfh7AV5Vbic%2BTETz1stk513xPm6jVGEEvE69fFDQoIAK%2F8rkeItGQVq5lTFEhg84YAuXEEEfElhpMxOGKhwmovCrbudCiWpXe4kGTg1qKc9vk1bmWpZ0jLKXBaDIf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75442ee82e43914a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 03 Oct 2022 08:07:16 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8c84bc6b-0ae6-823a-9a75d38a
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
de345507-9a43-4474-9310-307efa4f46e2
ex.ingage.tech/v1/sync/ix/ Frame 3DCD
0
502 B
Image
General
Full URL
https://ex.ingage.tech/v1/sync/ix/de345507-9a43-4474-9310-307efa4f46e2?uid=YzqYMyCrn790lfkiaSlA8AAAFCIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Fde345507-9a43-4474-9310-307efa4f46e2%3Fuid%3D&s=192379&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e6::ac40:cc0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bj4ZNZXhFmhrBeDYCO7DNL9vvGPbFCL%2F6cp7O3BISpsNYMcipC%2BD%2Bsk12boF481cSEyCI6zODJ52b2yp%2BreSHIaSNNRa9%2BVMU9Oa6SqtEfjZ0E%2BvAeqk4m51cV3GsWKZifYBUbFJsci4szLGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
75442ee68e229954-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
usync.js
eus.rubiconproject.com/ Frame B62F
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 08:07:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66110
Connection
keep-alive
Content-Length
9421
Expires
Tue, 04 Oct 2022 02:29:06 GMT
v2qdrp_d0vdgUawGb8q8QyCWbH41H_NICAHKmGHXWJf8i8UV5TPp-Zk_XLOi3gc1m9kL_9K6wog
calmcactus.com/
2 B
28 B
Ping
General
Full URL
https://calmcactus.com/v2qdrp_d0vdgUawGb8q8QyCWbH41H_NICAHKmGHXWJf8i8UV5TPp-Zk_XLOi3gc1m9kL_9K6wog
Requested by
Host: calmcactus.com
URL: https://calmcactus.com/v2bxlVYgfmBS0Q0hJWcJTDskRbVLCttqKoP9bvXwc_tFUDjZsRV50oiEJtqnYmDGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:b14d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 03 Oct 2022 08:07:16 GMT
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.wnd.com
x-hostname
fen-hoothoot-europe-west1-spot-33r1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 03 Oct 2022 08:07:15 GMT
truncated
/ Frame 6B2B
942 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
864 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8d26986018cd62496d1071f0f70b61a92574a009ce90c360ef3c36a4a2b6055

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
030ba290b8dfcad619974df808d6aa3648e942a6ace49c43dbde16516ca57496

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f75e1bbca672b869ac0799c300c0901f0bf6e4f53c32c20387179563b848bf7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 6B2B
855 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B62F
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=L8SHNYZ8-1S-7FN9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
10af108baa8103fb427a2cc0433d74a0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame DACE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame DACE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1ou03jOxRHeGjEyggcXWSg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1ou03jOxRHeGjEyggcXWSg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1ou03jOxRHeGjEyggcXWSg
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QGCWADCF2KQCQ10A05AZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1ou03jOxRHeGjEyggcXWSg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DACE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gfk4_8_nTBCEjCvSgtcNkQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Gfk4_8_nTBCEjCvSgtcNkQ
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Gfk4_8_nTBCEjCvSgtcNkQ
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YFJ9JJGRZMM0C1M94YBM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Gfk4_8_nTBCEjCvSgtcNkQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DACE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhTSE5ZWjgtMVMtN0ZOOQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhTSE5ZWjgtMVMtN0ZOOQ==
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhTSE5ZWjgtMVMtN0ZOOQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DACE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWJmODQ3ODg5YzdkNTMyNmYwMmE5MDJkYzZmZTQyNDNhNTkzMw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWJmODQ3ODg5YzdkNTMyNmYwMmE5MDJkYzZmZTQyNDNhNTkzMw
Protocol
H3
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI5MWJmODQ3ODg5YzdkNTMyNmYwMmE5MDJkYzZmZTQyNDNhNTkzMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DACE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECrHcFIypObWDDo-F_f9Eoc&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECrHcFIypObWDDo-F_f9Eoc&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECrHcFIypObWDDo-F_f9Eoc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DACE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LK8kzNvadWKgzZagLHNQp8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5269230929065095330
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5269230929065095330
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 03 Oct 2022 08:07:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5269230929065095330
content-length
0
setuid
px.ads.linkedin.com/ Frame DACE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8SHNYZ8-1S-7FN9
0
945 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8SHNYZ8-1S-7FN9
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:16 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5DF330E372BC41C881D09F02F2FB9BF9 Ref B: FRAEDGE1105 Ref C: 2022-10-03T08:07:16Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-source-fabric
prod-lor1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqHNT5Zf2weGBQqouhZw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8SHNYZ8-1S-7FN9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
metrics
connect-metrics-collector.s-onetag.com/
0
73 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 03 Oct 2022 08:07:20 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/
0
72 B
Ping
General
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 03 Oct 2022 08:07:20 GMT
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 6B2B
0
125 B
XHR
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.124.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-124-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://comment.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://comment.instiengage.com
date
Mon, 03 Oct 2022 08:07:21 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.124.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-124-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://comment.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://comment.instiengage.com
access-control-max-age
3600
content-length
0
date
Mon, 03 Oct 2022 08:07:21 GMT
vary
Origin
impression
trends.revcontent.com/event/
0
0

defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/
23 KB
7 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31298ba8cc6afb3e45cf315566e66815d851b456240e82bb1b4f5e4ad60e1185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 14:13:30 GMT
server
AmazonS3
x-amz-request-id
SKXYS1XXWCQXEZJH
etag
"5ce8ee0bffd17091294d164ec9e1ca8f"
x-hw
1664784444.cds065.lo4.hn,1664784444.cds220.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
7035
x-amz-id-2
kwGyUalQ+Q1hRQZKMKPO0BwhkHmdnx3PtJoNjqglZ81uvUnbP4R9C+bW6eSdFiBHeTOxtGexBcQ=
defaultWidget.delivery.js
assets.revcontent.com/master/
17 KB
6 KB
Script
General
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d11c263a9424be65c3da40766908fd8455ae04a43e3d86d47a3383151658a4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 14:13:28 GMT
server
AmazonS3
x-amz-request-id
SKXKEBSGWRWJ4QFN
etag
"8485637d9a9af067157078435a5bfd52"
x-hw
1664784444.cds065.lo4.hn,1664784444.cds238.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6207
x-amz-id-2
s+Z1+VoYRPBDPSEKAqnZPfCxjrh93XS/ar5V1iY60h/D9q/mBYCQtwqSgUGn9XPDSNBXJKjnaAg=
commonModal.delivery.js
assets.revcontent.com/master/
3 KB
2 KB
Script
General
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7148b36d9b965e789ef88df0538a80c2cf5df361c6e6337f1edf1e180e6c5b68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 14:13:27 GMT
server
AmazonS3
x-amz-request-id
SKXQPT912EBWREQY
etag
"07beed17d33898f500f8e587bda81c0b"
x-hw
1664784444.cds065.lo4.hn,1664784444.cds103.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
1662
x-amz-id-2
hhHzjM9KPtyBc0UkBOP6ADm631LZrOIq89zAOG5NcOrA5uXIvcr89tidTsZDzROMS4wwnVFN1Aw=
/
img.revcontent.com/
1 KB
1 KB
Image
General
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
last-modified
Thu, 02 Jun 2022 15:22:42 GMT
etag
"1654183362"
x-hw
1664784444.cds011.lo4.hn,1664784444.cds310.lo4.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
rc-logo.png
cdn.revcontent.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
last-modified
Fri, 23 Sep 2022 15:36:35 GMT
etag
"1663947395"
x-hw
1664784444.cds310.lo4.hn,1664784444.cds256.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1227
accept-ranges
bytes
content-length
2091
632e677324b654-62393860.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
9 KB
10 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/632e677324b654-62393860.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c6ea1a8223a1a88f3fc97d307cd642faee8d8ca9be720578ea24f27eea0e4b2f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sun, 02 Oct 2022 07:15:19 GMT
server
Cloudinary
etag
"383ad03f1cc282ac90da289ba46916b9"
x-hw
1664784444.cds278.lo4.hn,1664784444.cds088.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=0;start=2022-10-02T11:37:06.940Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
9482
38b05e26bc1dd00fa50d6e2d6f4bc8c1.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
9 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/38b05e26bc1dd00fa50d6e2d6f4bc8c1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f1021bdb5ffeb515a31254dbaa37a53a9eb7da7500db00f6e54c9bf7a8ad7325
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 27 Jun 2022 18:02:29 GMT
server
Cloudinary
etag
"b8549c22317fb918d42e730f637256d1"
x-hw
1664784444.cds278.lo4.hn,1664784444.cds239.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=110;cpu=1;start=2022-06-27T18:19:19.461Z;desc=miss,rtt;dur=0,cloudinary;dur=29;start=2022-06-27T18:19:19.503Z
accept-ranges
bytes
timing-allow-origin
*
content-length
8871
7f1e6ce4c2b16e41d313eaf29967d234.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/
7 KB
7 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/7f1e6ce4c2b16e41d313eaf29967d234.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a176900296ad3bb9f3b394e8785e7e85d5a38bd229af8781f6f7f5af70414ea6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Thu, 22 Sep 2022 06:12:47 GMT
server
Cloudinary
etag
"c0f636385cf1c02880441edbf8247973"
x-hw
1664784444.cds278.lo4.hn,1664784444.cds003.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=151;cpu=0;start=2022-09-22T06:14:52.983Z;desc=miss,rtt;dur=0,cloudinary;dur=72;start=2022-09-22T06:14:53.022Z
accept-ranges
bytes
timing-allow-origin
*
content-length
7181
page-view
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:25 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
widget-loaded
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:25 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
page-view
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:25 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:25 GMT
x-envoy-upstream-service-time
2
Server
openresty
Connection
keep-alive
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:25 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:25 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
event
event.instiengage.com/v1/ Frame 6B2B
0
125 B
XHR
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.76
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.124.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-124-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://comment.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://comment.instiengage.com
date
Mon, 03 Oct 2022 08:07:26 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.124.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-124-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://comment.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://comment.instiengage.com
access-control-max-age
3600
content-length
0
date
Mon, 03 Oct 2022 08:07:26 GMT
vary
Origin
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
459 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pid=ZE0nM1ba5Suhq&cb=1&ws=1600x1200&v=22.9.81452&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-cmt-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_1%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-1%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_2%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-2%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_3%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-3%22%7D%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwnd.com_Web_300x250_cmt_4%22%2C%22kv%22%3A%7B%22gpid%22%3A%22wnd.com-div-insticator-ad-cmt-4%22%7D%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2019001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.wnd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:07:39 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
M58CW5P899EWHVK25SFM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wnd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
L7-nsltQybx6dVtBXl5xGD_phcsoxVqB1BHfvSaM-LfTAYSA2gUarg==
fastlane.json
fastlane.rubiconproject.com/a/api/
668 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094%3B771342%3B771344%3B771346&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,7afb724c-10ef-44e8-8817-eb6f9a5668db,1,1636a035900b929,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&tg_i.pbadslot=wnd.com-div-insticator-ad-cmt-1%3Bwnd.com-div-insticator-ad-cmt-2%3Bwnd.com-div-insticator-ad-cmt-3%3Bwnd.com-div-insticator-ad-cmt-4&tk_flint=pbjs_lite_v6.29.0&x_source.tid=5a1ccba0-fd76-4dd5-9e25-4590192df47e%3B9f31edd3-bba6-4e6b-9930-48b49ceef2d1%3Bdea347a8-8b48-4810-b747-4ac7fd5179d0%3Bce2a8581-9d93-44f5-b71a-281734ace25a&l_pb_bid_id=62001b79de7f911%3B63cd885bc1b1bf6%3B643d49e1e1b54a%3B656604572d8b2ac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=wnd.com-div-insticator-ad-cmt-1%3Bwnd.com-div-insticator-ad-cmt-2%3Bwnd.com-div-insticator-ad-cmt-3%3Bwnd.com-div-insticator-ad-cmt-4&slots=4&rand=0.717127201521889
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f02c3e72905291807d630c8c58b701614274ba016a4170f24b3239ef7e317a8d

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 08:07:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.wnd.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
668
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
insticator-d.openx.net/w/1.0/
74 B
102 B
XHR
General
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4f14f0e7-a2d0-47c8-ad1d-6c44075521d9%2C59616ddb-ae1c-4877-a0db-a72177bd0cf3%2Cc2f16737-9e67-4ca1-9db0-a48399b213b4%2C0c12c6bd-db85-4c49-a654-aad2228eddcd&nocache=1664784459147&id5id=0&pubcid=c4782799-d251-44df-b56e-a6d517b2c96c&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C1636a035900b929%2C%2C&aus=320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250&divids=div-insticator-ad-cmt-1%2Cdiv-insticator-ad-cmt-2%2Cdiv-insticator-ad-cmt-3%2Cdiv-insticator-ad-cmt-4&aucs=wnd.com-div-insticator-ad-cmt-1%2Cwnd.com-div-insticator-ad-cmt-2%2Cwnd.com-div-insticator-ad-cmt-3%2Cwnd.com-div-insticator-ad-cmt-4&auid=545638247%2C545638247%2C545638247%2C545638247
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
79300a421488786d98c32210f79e4564869792c9dba6d046d18922df2a0b6646

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 03 Oct 2022 08:07:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wnd.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/213163/0/
0
159 B
XHR
General
Full URL
https://tag.1rx.io/rmp/213163/0/mvo?z=1r&hbv=6.29,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wnd.com
pragma
no-cache
date
Mon, 03 Oct 2022 08:07:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.wnd.com
date
Mon, 03 Oct 2022 08:07:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
0
0

c
prebid.a-mo.net/a/
0
44 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/888d9f08-6811-40ec-95fc-ac103c950648.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 03 Oct 2022 08:07:38 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.wnd.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
api-errors
yeet.revcontent.com/yeet/events/
0
0
Fetch
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: d1zxg9iar5y3ur.cloudfront.net
URL: https://d1zxg9iar5y3ur.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.wnd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Mon, 03 Oct 2022 08:07:39 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
api-errors
yeet.revcontent.com/yeet/events/ Frame
0
0
Preflight
General
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wnd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 03 Oct 2022 08:07:39 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cJ0jhi7Kur7ioGrkHcnlxd
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cRlJ0M7Kur7ioGrkHcnlxd
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cYXOB27Kur7ioGrkHcnlxd
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=c7CESg7Kur7ioGrkHcnlxd
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/api/demand/?w=113544
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/sync
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/api/demand/?w=113540
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=113540&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&icr_url=&va=0&time=1664784429671&up=pc&bn=chrome&bv=106&widget_width=836&style_id=0
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=wnd.com
Domain
trends.revcontent.com
URL
https://trends.revcontent.com/event/impression
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb?guid=cJ0jhi7Kur7ioGrkHcnlxd

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getParameterByName function| getCookie function| setCookie string| GoogleAnalyticsObject function| ga object| dataLayer object| PWT number| is_wp object| _izq object| container undefined| _izAlt object| _iz object| izConfig object| _atrk_opts function| admiral object| googletag object| Insticator number| ff_current_page number| FF_REP_COUNT function| firefly_setTargeting function| firefly_size_list_to_max_wh object| FFADS object| pbjs function| sendInitialAdserverRequest function| sendSingleAdserverRequest function| firefly_pbjs_bids_back_single function| firefly_a9_bids_back_single object| a9_slot_arr string| ad_unit object| apstag object| _comscore function| fbAsyncInit object| EAS_BB1 object| a2a_config string| firefly_poll_force_email object| EAS_SB4 function| firefly_global_loaded string| firefly_loading_gif_url string| firefly_ajax_url number| firefly_post_id function| firefly_set_ff_utms object| atsScript string| widgetID object| mcs boolean| firefly_global_loaded_v object| wp object| _qevents function| atrk boolean| _atrk_fired boolean| headerTagInjected number| insticator_tg boolean| abpStatus object| InsticatorXmess object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _izooto object| google_tag_manager object| COMSCORE function| udm_ object| ns_p object| FB object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant function| ff_open_close_list function| ff_list_toggle function| ff_create_subscriber function| firefly_update_subscriber function| ff_check_list_checkbox function| ff_unsubscribe_all_list function| ff_subscribe_all_list function| ff_select_all_list function| ff_open_subscriber_form function| ff_open_preference_page function| validateEmail function| ff_update_subscriber_email_inputs function| authorCustomForm function| isMobile function| checkAlmostVisible function| firefly_ma function| firefly_sc undefined| deferredPrompt string| voted_cookie_name undefined| manage_button undefined| login_button undefined| manage_mobile_button undefined| login_mobile_button object| firefly_slider string| ff_source object| firefly_sa_elems undefined| firefly_sa_rotateTime undefined| firefly_sa_transitionTime undefined| firefly_sa_adElements undefined| firefly_sa_rotateCounter undefined| firefly_sa_nextElement undefined| firefly_sa_currentElement undefined| firefly_sa_count undefined| firefly_sa_totalElements undefined| firefly_sa_restarted undefined| firefly_sa_rotateStickyAds undefined| $ function| jQuery boolean| ff_poll_voted object| owpbjsChunk object| owpbjs object| _pbjsGlobals string| partnerName string| key boolean| apstagLOADED object| ats object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __buffer function| 4dm1r11545242527 object| __connect object| UserWayWidgetApp object| instBidChunk function| dspCriteoRTUSCallback object| core object| InsticatorCommenting string| txt function| postscribe function| __tcfapi function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| supportedLanguages object| mapToSupportedLanguages object| supportedLocales string| DEFAULT_FALLBACK_LANGUAGE function| supports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| _mgIntExchangeNews object| MarketGidInfC1222091 boolean| mg_loaded_542038_1222091 object| MarketGidInfC1135114 boolean| mg_loaded_542038_1135114 object| onClickExcludes function| mgReject1222091 function| mgLoadAds1222091_0615f function| MarketGidCReject1222091 function| MarketGidLoadGoods1222091_0615f object| _mgq function| _mgqp number| _mgqt number| _mgqi function| mgReject1135114 function| mgLoadAds1135114_00740 function| MarketGidCReject1135114 function| MarketGidLoadGoods1135114_00740 function| mgReject1135118 function| mgLoadAds1135118_00740 function| MarketGidCReject1135118 function| MarketGidLoadGoods1135118_00740 object| _mgPageViewEndPoint542038 string| _mgCanonicalUri object| _mgPageView542038 string| _mgPvid boolean| MarketGidCSvsdsFlag boolean| i.js.loaded boolean| i-noref.js.loaded function| setImmediate function| clearImmediate object| ID5 object| ldAdInit object| MarketGidInfC1269477 boolean| mg_loaded_542038_1269477 object| _ldAdIdMap function| mgReject1269477 function| mgLoadAds1269477_13b3e function| MarketGidCReject1269477 function| MarketGidLoadGoods1269477_13b3e object| UserWay object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing boolean| isCommentingRequested object| regeneratorRuntime object| $SO

75 Cookies

Domain/Path Name / Value
click1.mail.wnd.com/ Name: JSESSIONID
Value: E4BA4EE09ABFA3ACE46AA0FFFC59202A
.wnd.com/ Name: __asc
Value: e2cb02211839ce26fe4f03db458
.wnd.com/ Name: __auc
Value: e2cb02211839ce26fe4f03db458
.wnd.com/ Name: _ga
Value: GA1.2.2143463904.1664784429
.wnd.com/ Name: _gid
Value: GA1.2.1954303079.1664784429
.wnd.com/ Name: InstiSession
Value: eyJpZCI6ImYwNGM4Yjg4LTVmNjktNDYzOC1hNTI4LTIxMjJjMjc2MTM4NCIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjoiRW1haWwiLCJtZWRpdW0iOiJ3bmQtbmV3c2xldHRlciIsImNhbXBhaWduIjoiZGFpbHlhbSIsInRlcm0iOm51bGwsImNvbnRlbnQiOiJuZXdzbGV0dGVyIn19
.mgid.com/ Name: __cf_bm
Value: RFjHqWHTWsyHJ91XbI.79AzbA6Q3R71.wgRtGg47dJ8-1664784429-0-AZXCkUkzLKvvj7rNGcEbqK9AIwLAwqc21Kl0Fh5W3rkqNuaVIqlOjRJ0Mhi7hfsNOAD8oPKdljAZSTmUSo05bMw=
www.wnd.com/ Name: ff_source
Value: email
.izooto.com/ Name: IZCID
Value: 02274ff8-4fa9-49a1-b1a0-24234be3c85d
www.wnd.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.wnd.com/ Name: _dc_gtm_UA-3977950-12
Value: 1
www.wnd.com/ Name: qcSxc
Value: 1664784429414
www.wnd.com/ Name: plsVisitorGeo
Value: DE
www.wnd.com/ Name: plsVisitorCity
Value: Hessen
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d580715ae0845057
.quantserve.com/ Name: mc
Value: 633a982d-6882c-dc509-4069a
www.wnd.com/ Name: hb_insticator_uid
Value: de345507-9a43-4474-9310-307efa4f46e2
.wnd.com/ Name: __qca
Value: P0-366855074-1664784429411
www.wnd.com/ Name: _lr_geo_location
Value: DE
www.wnd.com/ Name: visitorGeo
Value: DE
www.wnd.com/ Name: visitorCity
Value: Frankfurt am Main
www.wnd.com/ Name: visitorIP
Value: 193.27.14.36
.rubiconproject.com/ Name: khaos
Value: L8SHNYZ8-1S-7FN9
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/Ei3Yn0Wod92kf+oE/PhLWQEKtLvkckcz9tcmto/E7oIO+V127/POnSisc7gfVUxegVo2B05UvZjLzV3gOdXM6J0sqlSNZOaaDQ=
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGNMdmUvl3ZxGQskJGpgd1xIFt87TMBs-LTKtZrofXbc4
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8566|YzqYM
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aj2495.online/ Name: UUID
Value: 3b939eed-67a2-5d0d-9bf8-e52425624cf9
.aj2495.online/ Name: ucv
Value: 22-DE-1664870830364-24--
www.wnd.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1222091%22%3A%7B%22page%22%3A1%2C%22time%22%3A1664784429989%7D%2C%22C1135114%22%3A%7B%22page%22%3A1%2C%22time%22%3A1664784429816%7D%2C%22C1269477%22%3A%7B%22page%22%3A1%2C%22time%22%3A1664784430792%7D%7D
www.wnd.com/ Name: bddata
Value: {"dtype":1,"btype":1}
www.wnd.com/ Name: evtrk
Value: 1
.wnd.com/ Name: panoramaId_expiry
Value: 1664870832595
.wnd.com/ Name: cto_bundle
Value: 6D1ocl9pdFNiUEh2MGxVbjNSVGIxbXc3RU0wVW4zbzFTT3k1cHNWTXQ5QmNvWVh0Vk43Tzl2YnhpaTRMcmFkalNQd2xtcWNkaXJOVjFzJTJCZjZyR3JBVk4zaWlvUURZcHpuQnZOMWg5U2FDZWpNWVU0JTNE
.wnd.com/ Name: cto_bidid
Value: YEHHMl81TjdXbVM1b1JGWSUyRnplSmIzY0ozMDRXSHNha2pTVEZPSXZabk1vM0F3d0QlMkJQVFZFbHNwejJiaWdHd3hYNkwxMTdHU2U5Y0FXZUkyY0VZRkNXZzdKYVElM0QlM0Q
.wnd.com/ Name: _awl
Value: 2.1664784434.0.5-fc6b42c6ccf2192c458bb732a90ad675-6763652d6575726f70652d7765737431-0
.wnd.com/ Name: _admrla
Value: 2.2-15f9be0282f22121-644bd934-42f2-11ed-8741-7340714e9fd7
www.wnd.com/ Name: _lr_retry_request
Value: true
www.wnd.com/ Name: _lr_env_src_ats
Value: false
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
www.wnd.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-03T08%3A07%3A15%22%7D
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: b368fe16-8a29-5214-9476-f632f74c6e01
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMID
Value: YzqYMyCrn790lfkiaSlA8AAA
.casalemedia.com/ Name: CMPS
Value: 5154
.casalemedia.com/ Name: CMPRO
Value: 5154
.betweendigital.com/ Name: ut
Value: YzqYMwAMPNC3lgmLoyr5tnbBpumMm-ZiStBs8g==
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:ac8:20:303::203e
ex.ingage.tech/ Name: instUid
Value: de345507-9a43-4474-9310-307efa4f46e2
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-37e33516-5636-46d3-bdd2-fd8a08490f19-003%22%2C%22zdxidn%22%3A%222069.50%22%2C%22nxtrdr%22%3Afalse%7D
.aralego.com/ Name: gdpr
Value: 0
.aralego.com/ Name: sspid
Value: 6473ca0d-500a-35da-91cc-47b20b919779
.yahoo.com/ Name: A3
Value: d=AQABBDSYOmMCEDX_iPOICwoYNnkUGYjph9MFEgEBAQHpO2NEYwAAAAAA_eMAAA&S=AQAAAvtdQc86YTPibcFR3GuGmr0
.adnxs.com/ Name: uuid2
Value: 6281404486374392508
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZibmFiYmxmbGwEAA8rQeMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2NzQzMTUzNxXiM9T1dQo2c3IOMTb19c0GAFbnn3wlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2NzQzMTUzNxXiM9T1dQo2c3IOMTb19c0GAFbnn3wlAAAA
.brand-display.com/ Name: _knxq_
Value: 8c84bc6b-0ae6-823a-9a75d38a.1664784436.0.1664784436.1664784436
.doubleclick.net/ Name: IDE
Value: AHWqTUmoMSoo_xy2IbkgiUSj7EY-63uO-Og-6KHxScj672EkfZ5d4y-AGQYNz634J9w
live.instiengage.com/ Name: route
Value: 437648bde2f16b7d993bd8cdb6d8169b|bc2e8509d1108493c0fbabaa9aff431f
.casalemedia.com/ Name: CMTS
Value: 1189
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b21c198e-9158-4497-8f44-4401bd513ffb"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQ3ODQ0MzY7MjswMjGsv31WnFWPQLx19d705uEH31bEPSiUNgtN7SReCioGRg==
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2491:u=1:x=1:i=1664784436:t=1664870836:v=2:sig=AQFOgoka0cp_gZIg_QTGfV0OSrkCjGkV"
.amazon-adsystem.com/ Name: ad-id
Value: A97RXVJ4hU5rlbALKFl2O9w

11 Console Messages

Source Level URL
Text
network error URL: https://signal-segments.s-onetag.com/desktop/www.wnd.com
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://signal-segments.s-onetag.com/desktop/www.wnd.com/%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6(Line 203)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Message:
The resource https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Message:
The resource https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript error URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Message:
Access to fetch at 'https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=113540&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&icr_url=&va=0&time=1664784429671&up=pc&bn=chrome&bv=106&widget_width=836&style_id=0' from origin 'https://www.wnd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=113540&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&icr_url=&va=0&time=1664784429671&up=pc&bn=chrome&bv=106&widget_width=836&style_id=0
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.wnd.com%2F2022%2F08%2Fcourt-orders-2-judges-took-millions-kickbacks-pay-big%2F%3Futm_source%3DEmail%26utm_medium%3Dwnd-newsletter%26utm_campaign%3Ddailyam%26utm_content%3Dnewsletter%26ats_es%3D04326a45ce34b62a6acffaedcedc065f&pageTitle=Court%20orders%202%20judges%20who%20took%20millions%20in%20kickbacks%20to%20pay%20out%20big&enableNewAuthFlow=true&siteUUID=888d9f08-6811-40ec-95fc-ac103c950648&integrationId=888d9f08-6811-40ec-95fc-ac103c950648&extPageId=5031823&contentId=96c6ebe3-1462-4d23-85df-a7329e12ac64&sessionUUID=5a6c6403-3954-496a-9927-f89644fa65a6&cookieId=5a6c6403-3954-496a-9927-f89644fa65a6&frameUuid=51a6c729-570f-4260-89bb-59110819a0e6
Message:
The resource https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript error URL: https://www.wnd.com/2022/08/court-orders-2-judges-took-millions-kickbacks-pay-big/?utm_source=Email&utm_medium=wnd-newsletter&utm_campaign=dailyam&utm_content=newsletter&ats_es=04326a45ce34b62a6acffaedcedc065f
Message:
Access to fetch at 'https://trends.revcontent.com/event/impression' from origin 'https://www.wnd.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://trends.revcontent.com/event/impression
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-cdn.technoratimedia.com
ads.betweendigital.com
ads.pubmatic.com
aj2495.online
apex.go.sonobi.com
api.rlcdn.com
api.userway.org
assets.revcontent.com
ats.rlcdn.com
auth.instiengage.com
bh.contextweb.com
c.amazon-adsystem.com
c.mgid.com
calmcactus.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.izooto.com
cdn.mgid.com
cdn.revcontent.com
cdn.userway.org
cdn11.bigcommerce.com
cdn2.decide.dev
cdn77.aj2495.online
certify-js.alexametrics.com
certify.alexametrics.com
cl.imghosts.com
click1.mail.wnd.com
cm.g.doubleclick.net
cm.mgid.com
comment.instiengage.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
csync.loopme.me
d1zxg9iar5y3ur.cloudfront.net
d2s3kjdp77ms5k.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
dashboard.insticator.com
decide.dev
df80k0z3fi8zg.cloudfront.net
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
insticator-d.openx.net
insticator.technoratimedia.com
jsc.mgid.com
match.adsrvr.org
mug.criteo.com
onetag-geo.s-onetag.com
p.rfihub.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
product.instiengage.com
px.ads.linkedin.com
pxl.qccerttest.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rules.quantcount.com
s-img.mgid.com
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
soapps.net
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.instiengage.com
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
tag.1rx.io
token.rubiconproject.com
trends.revcontent.com
u.openx.net
www.google-analytics.com
www.googletagmanager.com
www.wnd.com
yeet.revcontent.com
dashboard.insticator.com
ssc.33across.com
trends.revcontent.com
104.18.18.126
104.18.19.126
104.96.145.246
108.138.17.48
108.138.4.10
108.138.4.150
108.138.7.53
13.32.121.17
13.32.121.59
13.32.99.46
141.95.98.64
143.204.89.74
147.75.85.234
151.139.128.11
162.210.196.208
172.217.19.98
178.250.0.157
18.66.112.48
18.66.147.89
184.51.9.34
185.64.189.112
185.64.190.78
185.89.210.244
188.42.191.196
193.0.160.128
193.122.128.135
198.148.27.140
212.124.124.69
213.19.147.43
213.19.147.44
23.205.235.133
2600:1901:0:b14d::1
2600:9000:223c:2a00:3:7df3:55c0:93a1
2600:9000:223d:ca00:9:78a:e540:93a1
2600:9000:223d:cc00:11:615:7240:93a1
2600:9000:223e:800:1c:f0ba:c200:21
2600:9000:223f:aa00:8:48e:53c0:93a1
2600:9000:223f:cc00:16:55f6:40c0:21
2600:9000:225e:5600:17:5bae:c7c0:93a1
2600:9000:2304:b600:10:3422:3f00:21
2600:9000:2491:3e00:6:44e3:f8c0:93a1
2600:9000:2491:6a00:1c:386f:ec80:21
2602:803:c003:200::61
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:3556
2606:4700:1::6813:844e
2606:4700:1::6813:854e
2606:4700:4400::6812:2bc0
2606:4700::6812:116b
2606:4700::6812:d941
2606:4700::6813:ad6c
2606:4700:e6::ac40:cc0b
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:806::2008
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:829::200e
2a00:1450:400d:80c::2002
2a00:1450:4025:401::9b
2a02:2638::1c
2a02:6ea0:c700::17
2a02:6ea0:cb00::2
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3605:b661:2495:bc14:df31
2a06:98c1:3120::3
2a06:98c1:3120::c
34.111.151.213
34.120.133.55
34.149.139.129
34.227.129.115
34.251.218.252
34.95.69.49
35.244.159.8
35.82.251.53
52.0.100.196
52.212.196.113
52.223.40.198
52.46.155.104
52.84.106.121
52.95.118.179
54.147.124.45
54.203.226.224
54.211.179.172
54.72.178.118
63.141.128.3
69.166.1.9
69.173.144.139
74.214.203.11
75.2.13.80
8.43.72.98
99.81.25.188
0076853e981c2b22d99e8a131c791d4c0e123ba074a7492c72f1da3a0470b2b9
00b19569e4adf70abf9f9aa26a9a092bc64b9484b1c83077953b818c7598b70b
030ba290b8dfcad619974df808d6aa3648e942a6ace49c43dbde16516ca57496
03d3da807ce37cd9529f35fb5480a14ff4d860c8d9935254749f5614049275f5
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fafd50b3964c2ce237edbfe429cc784247346d87abb10686002a8b26c3ff9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5242c5bd412e09706a648a14e02859bd43637b825767bb555f92a14b347758
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
12cf4dfddba9d224681e1a2d91ef02501364f74d3886a0e4a26665e7587d41b6
17b6f10f5c9ba84e9702808ad936d014da5ba012b3c531bc48ce1c364110ca43
17bd91c17b7ce6aa3381331d96a48c3cdda81a7af8589c373a9bf2ef533639b5
1a99b218dbb12e34c8d59e0fa44d6429ecdb119daa55bd10eeb30a7363abd698
1b925efa0ae25fc273f2c7d20ddb32e2a7fff8ad9283faa9f896cb6d47aec600
1c5ef9a8aa5bc486dbcc4f491e7af43986cceda9640fa3d6d453972a220a084a
228d4871dfc7449dc55658c8366352e7b3e820fc7f6ec848272a05a0ef455fec
22ad449d86a9647dfacc778dc0b73e3959a96743bf9b40870c5c05272a299901
235f8916406f2b09a51f4d9576b50e4bccf23d116be0a2802f05a2741e573966
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2632b3fbd3a53c9c1ad2112e29ebd24ef3f59d7d17e97f1825c726f556e3bb06
27e8e948a2d38bff2f31aaf87feb8b09d27c18317b78d7dc5bd6f159f255ea3e
2a29e9663d611a541179e74f99792d3eb7ce1e9f5199de0f47a4b9482590b129
30de2e6c987e9d041cd6b12a4a4bb6f553f00d7e5e7922ac0b1fca4c63df9f70
31298ba8cc6afb3e45cf315566e66815d851b456240e82bb1b4f5e4ad60e1185
31b11a2e634abd7166080ec689881f1152413a31284ab5fdff37ffd2cfac3212
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
3302bb80d02728cf95285cd0125bf6bc4af73273a5d081ec558e07ac9ac2c434
3419c40d6c330df291db358b298376c17d1106d91413da1a40956cb53a638167
347915247efec5ec33a65a5481aed516b8e9107911c421b03e9aac14429e8af5
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
3538776a55c419cdf03421322a243bd2d47939e1c2a896b085004346006cb262
36f3e143cd14977f8661b37069c3cdb2517dd43bfcf5086566dcad61f97d1a4f
3988f57751937ac8f5ceb338d62672d4f6ae1b8dfdbb969c651adf3184ef830d
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8
3dbd0e87d38896c20cb10c5e70a467b770f22981bb1e8d2d0094452a26c607bf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4074d1b1ec5ed8b5c936fdb79727582093c45a66cecb49483022c22d8079c30a
40bbdc8e50baf24d959cc2361e1696d2f99b758a37c887a42e9d8de7b21184b2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b
498816005d8208962ab899a1b152ef0d87e3424532728368fa71da24796d47c4
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d11c263a9424be65c3da40766908fd8455ae04a43e3d86d47a3383151658a4e
4d4793b66175d4a2207817022b9c25a57813a453f712412f3021e2aa0dec255c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd
4f520303e1751d5fd512b813b2dd31c350a1218374a536cfe586255b1fde0ec1
4facb61f7f55cce048388b98dc6efe7256687a5b44b08480e719fdf6d0b8e3d2
56de85fb0fbe41ad987565b379c2a261b6d489151c5dcd415f73717f453ccc99
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e
5a7727f1995354ee2eed4d7e7602acb0038dc1b9dd924ce9807710ebb54012c7
5a7b6dea2948ba4a844b009a81ff2eeaa134b64ed11a568ecac5b795a99a5f41
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3d5671eb464c4040b864da705012965774556b2515837a216e8f205e257f28
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d867e07f532072c42bf95e01148048ef9c430401f1be7606558cda7dbbe0a04
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2
5f1f970f18f03cf8b24cc921215510102cb3912b53415cd363f076d07167eb0b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61d6f011e98dcbe8df2f3401ecde97e94f8c739f7d02473a5afbdb457714cbee
63463d38193c6497075ed9082a633b513cbeddce5dd8bc3e23645cda0481bca3
636c1c6390b6c901276d791f8b50884fcd42695e660f803aec59e1806f3ff8ab
6409a3197cf3c4dbdea7fe09e73ef51b077d98df9351aa3bee222cdc3d7e7160
6619c3c9eaf6738dc2e1921e0682e82f4a5b0ac44a6b33d89812f576bc31ab41
6788f095682f1e59656329fcc0a057cc2db5155494119e3df6c50658210a21ea
693c49139aff552e160be48d18bb59af2cab6893b8ab920dd24725d1b66f6f68
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
6971fb1c62ccd7e9bd00028f5b08d6d702862a2cb1034518e49bbcfc0f69317b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8a2da252f28102c2783d4af0ff008cb087a9c2be481bda5eb949e8560ef4f5
6d9bbaefeb78a48f25cab040c5b7c5c7efb6bd2db5e7909f558124b08919062a
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7148b36d9b965e789ef88df0538a80c2cf5df361c6e6337f1edf1e180e6c5b68
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18
79300a421488786d98c32210f79e4564869792c9dba6d046d18922df2a0b6646
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79bd6807cd733043c9c0d588f847993a9ec76057396dfbce898aa369c988cdf1
7e1da269f119bd1587b464a2c73cae906c97a5b38cdb828688792231527c626e
826f31570be6107d9f952800434f48426c614b4b6d4aa0c43b4ddd5a5541a4f5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab2e236a9d9c8ab68da49e83a457d58223c9485146143695b11a71e27936035
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8
914092ae9d0f8bab6a904e432aa6bb057b9d794105cb44e8b76bf5de3fb502b6
918ac16fbda4c28698371c4917a769777754bc8e450760c1efcca36ab5abe075
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
96b5f357170c82bb72fcd88cab586c4421f11926528e2fa1e6d97977a1edcbed
98553ce7f487901b260f522822f9bd471ab513f41b7bbeb0ff8f22f286df0a26
994f33dced877618bb90509432c7ce2105e8a3566f0e1a43c7cb187655bac901
9cc48ef35dadcc4c9680732f95fb46e2fb041df2d88c34904de49013894f9593
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9eafcbc4603f719c93d1571c81273154efa5975fd565b936d498a23e02a1cd46
9ed7b35b6198ddcae4a6acde583762bf5780b1fe304bf1e10e487badc4ed36e9
9f7dc0e38aae53ec15afb475a987476007023e1cd1102f288da4e503bae39b7a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a176900296ad3bb9f3b394e8785e7e85d5a38bd229af8781f6f7f5af70414ea6
a4ae165aadeae075c21a401032220d66ffb9ea428016cbfc81fc84856ba5107e
a8ea1d31523b7ec5f2609cc44ea6ceaf1c2737096251e90d4c1f03f41770f2bc
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
aafe174d122ef7d3d206b8e7566ad9beb0a5c3d41f1268dba01ff7f71412f0e5
adcf36b1f771f81ac0abac840def18c4263c38e56f78a58735534415c7e32b00
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b160d41fa5c36c7660374027a6d5315a49f719c9a3e580e363a0505cc038b2b0
b41a17e937ad1280edb17ba6dc49ed70676cccdab3be42cf183b51b8287aff5e
b41a352fd34a7d6db55e61362ee66af6ef397f68acb101017e7657d4ee89cf6a
b4b9044673e0dbf5d355014a286851375397aadccc29e53d3b2fec0aeb056399
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bbf056522aaca03f446892c920a353bf4dfe24d8c697a052cd9ec255142327dd
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be005c5a047b274ed69178b01601024cbb0334461e64d658a2825f65c91e7ccb
bf27bcc78a9f8ee97d26a0958b4e2bfd804f93d2f308aa560ec962f19639566a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2449feade421f91c88d79c7966e4f36b2e5f25d2f5c4b4ee3edb8ccb61ffde2
c6ea1a8223a1a88f3fc97d307cd642faee8d8ca9be720578ea24f27eea0e4b2f
ca972fc986f1159ca681e7f46855f50d42d6311401850e11c84ab51d3f0ef3af
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb
cca9240352292cfb0df812adab56adbf84e03dcd05ba1ea159a9e506c117cebf
cd7f33622e40202167bc44d183879d25497b1e66c51cebb21175b06711e68ce3
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cf929d38842802dfceed4b409b48145f6cece9900357e1bb1a9fe22e5c6e1543
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d17ba6a777a2d2935c88d758a515856909d2320b05ffc5edf736a4e500bf3607
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d260be8d620406cd51bfc7496800d67991fe2cba83e273926a470bf4a96be397
d3d80c90059ffbbd3d467217d57da976efae6fee6bb63190a7dd688b18b67aff
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d8d26986018cd62496d1071f0f70b61a92574a009ce90c360ef3c36a4a2b6055
e08cf3cf3803970e3a67dad6201655006c5172b57d0d0a004eb09ed9005fa9f8
e1c43fe95d2f0c8a87bab438e74e3354047e028ed06529a5346408fd1dcd9782
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea622dfe5fbda571fa79938fdf49371432560ed8274b1aa41650a8c76733d281
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed6eed286328fc77c2e3c3827dac2bb85657b3103f18e6e9ef0e253a538a454c
edf01bc48918b8cda994a523fae4f0bc4accbcb81876f2c35d744d0af6da912c
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f02c3e72905291807d630c8c58b701614274ba016a4170f24b3239ef7e317a8d
f1021bdb5ffeb515a31254dbaa37a53a9eb7da7500db00f6e54c9bf7a8ad7325
f1490cb33030e642d11eaa1230e46935857ec093d5f9df98ed563810b2d3058e
f325a9124cb921e418693fb27a942ecc670b375a35732e30524819ab7a7cd78a
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f75e1bbca672b869ac0799c300c0901f0bf6e4f53c32c20387179563b848bf7f
f7a945358d0b8f02497da00b71789a72716da71e387711b640e2b17be954bd8c
f7e959694480b76a506ab2b13a5e01f431506c81700a060dd0eab33cf5e41af0
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
fc6bfcf97a5ecac712579f8befdb7ab0f43d548b4b89849fbf307a6d58472e6c