urlscan.io logo urlscan.io
SecurityTrails logo

dailyjournal.net Open in urlscan Pro
2606:4700:20::681a:171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mrgunsngear.org/3FRbWhG
Effective URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Submission: On December 24 via api from LV — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 13 countries across 104 domains to perform 390 HTTP transactions. The main IP is 2606:4700:20::681a:171, located in United States and belongs to CLOUDFLARENET, US. The main domain is dailyjournal.net. The Cisco Umbrella rank of the primary domain is 456224.
TLS certificate: Issued by E1 on December 8th 2022. Valid for: 3 months.
This is the only time dailyjournal.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.12 396982 (GOOGLE-CL...)
36 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
8 2606:2800:233... 15133 (EDGECAST)
4 148.66.196.157 13649 (ASN-VINS)
6 2.18.37.67 16625 (AKAMAI-AS)
1 20.60.62.4 8075 (MICROSOFT...)
1 3 34.200.172.80 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 23.62.221.169 16625 (AKAMAI-AS)
1 3.226.30.185 14618 (AMAZON-AES)
2 199.232.18.132 54113 (FASTLY)
15 2600:9000:213... 16509 (AMAZON-02)
1 130.211.10.17 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:a00... 54113 (FASTLY)
3 64.202.112.63 22075 (AS-OUTBRAIN)
18 2a00:1450:400... 15169 (GOOGLE)
1 20.13.96.71 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 65.9.71.118 16509 (AMAZON-02)
8 2600:9000:206... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 185.64.190.77 62713 (AS-PUBMATIC)
2 3 2.18.79.136 20940 (AKAMAI-ASN1)
34 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
4 2.18.36.193 16625 (AKAMAI-AS)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
2 2606:2800:133... 15133 (EDGECAST)
18 2a00:1450:400... 15169 (GOOGLE)
1 147.75.85.234 54825 (PACKET)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 104.26.4.15 13335 (CLOUDFLAR...)
1 5 34.98.64.218 396982 (GOOGLE-CL...)
1 54.231.228.41 16509 (AMAZON-02)
1 10 2a00:1450:400... 15169 (GOOGLE)
2 3 2001:678:cb4:... 56396 (AMOBEE)
11 19 142.250.180.226 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
8 8 18.197.255.208 16509 (AMAZON-02)
3 3 213.155.156.180 1299 (TWELVE99 ...)
3 5 172.64.154.237 13335 (CLOUDFLAR...)
1 185.86.137.107 201081 (SMARTADSE...)
3 162.19.138.119 16276 (OVH)
1 34.120.133.55 396982 (GOOGLE-CL...)
3 34.252.235.208 16509 (AMAZON-02)
8 15.197.193.217 16509 (AMAZON-02)
1 1 3.69.181.174 16509 (AMAZON-02)
1 3 198.47.127.19 62713 (AS-PUBMATIC)
2 13.85.16.224 8075 (MICROSOFT...)
2 2 185.29.134.248 30419 (MEDIAMATH...)
12 185.64.189.110 62713 (AS-PUBMATIC)
6 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
2 4 52.95.125.22 16509 (AMAZON-02)
2 3 37.252.171.52 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 23.23.131.203 14618 (AMAZON-AES)
6 6 52.212.224.242 16509 (AMAZON-02)
2 3 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.139.106 201081 (SMARTADSE...)
2 2 151.101.66.49 54113 (FASTLY)
1 1 35.214.223.115 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
2 2 213.19.147.45 3356 (LEVEL3)
1 5.161.47.120 213230 (HETZNER-C...)
1 72.251.241.206 32475 (SINGLEHOP...)
1 1 141.95.171.139 16276 (OVH)
1 1 141.94.171.215 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
2 2 37.157.6.233 198622 (ADFORM)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 1 141.95.97.231 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 2 37.252.171.21 29990 (ASN-APPNEX)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
1 44.195.176.242 14618 (AMAZON-AES)
2 13.69.106.215 8075 (MICROSOFT...)
1 184.51.8.30 16625 (AKAMAI-AS)
2 172.64.151.162 13335 (CLOUDFLAR...)
2 23.64.52.128 16625 (AKAMAI-AS)
1 143.204.89.32 16509 (AMAZON-02)
1 35.186.193.173 15169 (GOOGLE)
1 1 52.220.229.2 16509 (AMAZON-02)
1 2 54.80.38.94 14618 (AMAZON-AES)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 1 141.94.170.77 16276 (OVH)
1 13.225.78.116 16509 (AMAZON-02)
1 3 52.46.130.91 16509 (AMAZON-02)
1 7 185.80.39.216 27381 (CASALE-MEDIA)
2 2 162.19.80.92 16276 (OVH)
2 2 3.123.245.15 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 69.173.144.139 26667 (RUBICONPR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.58.62 396982 (GOOGLE-CL...)
1 2600:9000:213... 16509 (AMAZON-02)
1 216.52.2.19 32475 (SINGLEHOP...)
1 69.166.1.8 27630 (AS-XFERNET)
3 69.166.1.10 ()
1 1 193.0.160.128 ()
390 98
1    67.199.248.12 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com
mrgunsngear.org
36    2606:4700:20::681a:171 (United States)

ASN13335 (CLOUDFLARENET, US)
dailyjournal.net
3    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.wgchrrammzv.com
cdn.mircheigeshoa.com
cdn.godiciardstia.com
cdn.pranmcpkx.com
cdn.czx5eyk0exbhwp43ya.biz
4    148.66.196.157 (Plano, United States)

ASN13649 (ASN-VINS, US)
liqwid.net
6    2.18.37.67 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    20.60.62.4 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prodmg2.blob.core.windows.net
3    34.200.172.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-172-80.compute-1.amazonaws.com
get.civicscience.com
www.civicscience.com
1    2600:9000:223f:4600:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
2    2a00:1450:400d:808::2014 (Ireland)

ASN15169 (GOOGLE, US)
japfg-trending-content.appspot.com
4    2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    23.62.221.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-221-169.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    3.226.30.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-30-185.compute-1.amazonaws.com
www.civicscience.com
2    199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
15    2600:9000:2134:4e00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.sekindo.com
live.primis.tech
1    130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
3    2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
17    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
5    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
18    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
log.outbrainimg.com
1    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
2    65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net
c.amazon-adsystem.com
8    2600:9000:206e:e400:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
video.primis.tech
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
34    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
39    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:2057:8400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
4    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
2    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
18    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    104.26.4.15 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
liqwid-d.openx.net
justapinch-com-d.openx.net
eu-u.openx.net
us-u.openx.net
1    54.231.228.41 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
10    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
19    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
cm.g.doubleclick.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
8    18.197.255.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-255-208.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
5    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
3    34.252.235.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
8    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.69.181.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-174.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-aim-proxy-connext.azurewebsites.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    23.23.131.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    52.212.224.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-224-242.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel-eu.onaudience.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    2a05:d018:d29:3602:f84d:3d72:727e:650c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    141.95.97.231 (France)

ASN16276 (OVH, FR)
PTR: haproxy-eu-002.roqad.pl
ws.rqtrk.eu
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2606:4700:20::ac43:49cc (United States)

ASN13335 (CLOUDFLARENET, US)
www.tribtown.com
tribtown.com
1    2600:9000:2057:cc00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    44.195.176.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-176-242.compute-1.amazonaws.com
ping.chartbeat.net
2    13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    184.51.8.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-30.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    143.204.89.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-32.fra50.r.cloudfront.net
ats.rlcdn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
2    54.80.38.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-38-94.compute-1.amazonaws.com
a.audrte.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
1    13.225.78.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-116.fra2.r.cloudfront.net
geo.privacymanager.io
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
gu.dyntrk.com
2    3.123.245.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-245-15.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
1    2600:9000:2134:4400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    69.166.1.10 (None, )

ASN- ()
sync.go.sonobi.com
1    193.0.160.128 (None, )

ASN- ()
p.rfihub.com
Apex Domain
Subdomains		 Transfer
79 googlesyndication.com
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
1 MB
49 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
207 KB
36 dailyjournal.net
dailyjournal.net — Cisco Umbrella Rank: 456224
955 KB
31 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
aud.pubmatic.com — Cisco Umbrella Rank: 4185
105 KB
23 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2398
video.primis.tech — Cisco Umbrella Rank: 6021
3 MB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
5 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
11 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
eus.rubiconproject.com — Cisco Umbrella Rank: 529
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
14 KB
11 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1353
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3225
odb.outbrain.com — Cisco Umbrella Rank: 1545
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5613
mv.outbrain.com — Cisco Umbrella Rank: 3002
141 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
428 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
53 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
2 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
3 KB
7 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
1 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
3 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 414
5 KB
5 openx.net
liqwid-d.openx.net — Cisco Umbrella Rank: 247842
justapinch-com-d.openx.net — Cisco Umbrella Rank: 60943
eu-u.openx.net — Cisco Umbrella Rank: 2031
us-u.openx.net — Cisco Umbrella Rank: 411
19 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
5 gstatic.com
fonts.gstatic.com
99 KB
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1452
sync.go.sonobi.com
3 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
192 KB
4 civicscience.com
get.civicscience.com — Cisco Umbrella Rank: 13817
www.civicscience.com — Cisco Umbrella Rank: 3789
620 B
4 liqwid.net
liqwid.net — Cisco Umbrella Rank: 92147
179 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
741 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
1 KB
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
849 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
873 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
r.turn.com — Cisco Umbrella Rank: 3099
1 KB
3 pranmcpkx.com
cdn.pranmcpkx.com — Cisco Umbrella Rank: 37984
318 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 9184
flint.defybrick.com — Cisco Umbrella Rank: 8856
20 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
2 KB
3 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
39 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
3 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383
94 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
843 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
626 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1899
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
2 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 803
857 B
2 tribtown.com
www.tribtown.com — Cisco Umbrella Rank: 705849
tribtown.com — Cisco Umbrella Rank: 393287
577 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
1 KB
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965
pixel.onaudience.com — Cisco Umbrella Rank: 3040
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
747 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
1 KB
2 azurewebsites.net
prod-aim-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 317638
1 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 802
ats.rlcdn.com — Cisco Umbrella Rank: 1641
38 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 761
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
867 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
contextual.media.net — Cisco Umbrella Rank: 540
9 KB
2 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2191
44 KB
2 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 8965
log.outbrainimg.com — Cisco Umbrella Rank: 2531
787 B
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 832
136 KB
2 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 60907
2 KB
1 rfihub.com
p.rfihub.com
732 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
527 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 73368
103 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
704 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1638
592 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3084
644 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4752
369 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1227
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1412
15 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
464 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
104 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 2152
336 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16075
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
226 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
613 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
524 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
588 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 658
363 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
403 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
541 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12945
559 B
1 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 36728
1 KB
1 czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 31380
3 KB
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 24219
785 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
277 B
1 godiciardstia.com
cdn.godiciardstia.com — Cisco Umbrella Rank: 51559
216 KB
1 mircheigeshoa.com
cdn.mircheigeshoa.com — Cisco Umbrella Rank: 52053
20 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 KB
1 wgchrrammzv.com
cdn.wgchrrammzv.com — Cisco Umbrella Rank: 36442
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1392
571 B
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 57083
22 KB
1 sekindo.com
live.sekindo.com — Cisco Umbrella Rank: 68273
18 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
17 KB
1 cloudfront.net
d2zqfs55y95cft.cloudfront.net
37 KB
1 windows.net
prodmg2.blob.core.windows.net — Cisco Umbrella Rank: 55340
144 KB
1 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 26446
11 KB
1 mrgunsngear.org
mrgunsngear.org
293 B
0 agkn.com Failed
fid.agkn.com Failed
0 therepublic.com Failed
www.therepublic.com Failed
390 104
Domain Requested by
39 pagead2.googlesyndication.com b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
dailyjournal.net
www.googletagservices.com
az416426.vo.msecnd.net
36 dailyjournal.net dailyjournal.net
34 tpc.googlesyndication.com b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
dailyjournal.net
securepubads.g.doubleclick.net
19 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
18 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
az416426.vo.msecnd.net
dailyjournal.net
15 live.primis.tech live.sekindo.com
live.primis.tech
dailyjournal.net
12 simage2.pubmatic.com ads.pubmatic.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
10 www.googletagservices.com dailyjournal.net
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
8 match.adsrvr.org live.primis.tech
dailyjournal.net
ads.pubmatic.com
ssum-sec.casalemedia.com
8 x.bidswitch.net 8 redirects
8 video.primis.tech dailyjournal.net
az416426.vo.msecnd.net
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
7 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 match.prod.bidr.io 6 redirects
6 image2.pubmatic.com ads.pubmatic.com
6 b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
az416426.vo.msecnd.net
dailyjournal.net
5 fonts.gstatic.com fonts.googleapis.com
5 widgets.outbrain.com dailyjournal.net
widgets.outbrain.com
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 ads.pubmatic.com liqwid.net
live.primis.tech
ads.pubmatic.com
4 www.googletagmanager.com dailyjournal.net
cdn.godiciardstia.com
4 liqwid.net dailyjournal.net
liqwid.net
3 sync.go.sonobi.com
3 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 bh.contextweb.com 2 redirects
3 ib.adnxs.com 2 redirects az416426.vo.msecnd.net
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 d5p.de17a.com 3 redirects
3 cdn.pranmcpkx.com loader-cdn.azureedge.net
cdn.pranmcpkx.com
3 ads.stickyadstv.com 2 redirects live.primis.tech
3 mcdp-nydc1.outbrain.com widgets.outbrain.com
3 lh3.googleusercontent.com dailyjournal.net
3 www.civicscience.com get.civicscience.com
3 fonts.googleapis.com dailyjournal.net
live.primis.tech
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 pm.w55c.net 2 redirects
2 gu.dyntrk.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 a.audrte.com 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 eus.rubiconproject.com liqwid.net
eus.rubiconproject.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 secure.adnxs.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.mathtag.com 2 redirects
2 prod-aim-proxy-connext.azurewebsites.net cdn.pranmcpkx.com
2 id5-sync.com live.primis.tech
2 ad.turn.com 2 redirects
2 liqwid-d.openx.net liqwid.net
liqwid-d.openx.net
2 htlb.casalemedia.com liqwid.net
az416426.vo.msecnd.net
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
cdn.pranmcpkx.com
2 flint.defybrick.com rock.defybrick.com
dailyjournal.net
2 hbopenbid.pubmatic.com live.primis.tech
liqwid.net
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 static.xx.fbcdn.net www.facebook.com
2 japfg-trending-content.appspot.com dailyjournal.net
1 p.rfihub.com 1 redirects
1 dsum.casalemedia.com 1 redirects
1 us-u.openx.net
1 eu-u.openx.net 1 redirects
1 justapinch-com-d.openx.net az416426.vo.msecnd.net
1 apex.go.sonobi.com az416426.vo.msecnd.net
1 ap.lijit.com az416426.vo.msecnd.net
1 www.americanhometownmedia.com dailyjournal.net
1 px.ads.linkedin.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 geo.privacymanager.io ats.rlcdn.com
1 pixel.onaudience.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ats.rlcdn.com ads.pubmatic.com
1 js-sec.indexww.com liqwid.net
1 contextual.media.net liqwid.net
1 ping.chartbeat.net
1 static.chartbeat.com dailyjournal.net
1 tribtown.com
1 www.tribtown.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 lb.eu-1-id5-sync.com live.primis.tech
1 1f2e7.v.fwmrm.net 1 redirects
1 id.crwdcntrl.net live.primis.tech
1 api.rlcdn.com live.primis.tech
1 ssbsync.smartadserver.com googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 r.turn.com googleads.g.doubleclick.net
1 paywall-ad-bucket.s3.amazonaws.com dailyjournal.net
1 cdn.czx5eyk0exbhwp43ya.biz cdn.pranmcpkx.com
1 api-mg2.db-ip.com cdn.mircheigeshoa.com
1 prebid.media.net liqwid.net
1 fastlane.rubiconproject.com liqwid.net
1 prebid.a-mo.net liqwid.net
1 cdn.godiciardstia.com loader-cdn.azureedge.net
1 cdn.mircheigeshoa.com loader-cdn.azureedge.net
1 rock.defybrick.com widgets.outbrain.com
1 cdn.jsdelivr.net live.primis.tech
1 cdn.wgchrrammzv.com loader-cdn.azureedge.net
1 log.outbrainimg.com widgets.outbrain.com
1 mv.outbrain.com widgets.outbrain.com
1 polyfill.io loader-cdn.azureedge.net
1 www.justapinch.com dailyjournal.net
1 live.sekindo.com dailyjournal.net
1 odb.outbrain.com widgets.outbrain.com
1 widget-pixels.outbrain.com dailyjournal.net
1 tcheck.outbrainimg.com widgets.outbrain.com
1 www.facebook.com dailyjournal.net
1 d2zqfs55y95cft.cloudfront.net dailyjournal.net
1 get.civicscience.com 1 redirects
1 prodmg2.blob.core.windows.net dailyjournal.net
1 loader-cdn.azureedge.net dailyjournal.net
1 mrgunsngear.org 1 redirects
0 fid.agkn.com Failed az416426.vo.msecnd.net
0 www.therepublic.com Failed dailyjournal.net
390 148
Subject Issuer Validity Valid
*.dailyjournal.net
E1		 2022-12-08 -
2023-03-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
*.liqwid.net
Go Daddy Secure Certificate Authority - G2		 2022-12-20 -
2023-12-31		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-12-18 -
2023-12-18		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.civicscience.com
Amazon		 2022-05-03 -
2023-06-02		 a year crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2022-05-03 -
2023-05-08		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
sni2bf2bgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
rock.defybrick.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-25 -
2023-02-23		 3 months crt.sh
sni2bf2fgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2agl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
snibe7egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-31 -
2023-03-03		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2022-03-14 -
2023-03-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-11-21 -
2023-11-16		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-05-12 -
2023-06-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh

This page contains 62 frames:

Primary Page: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Frame ID: 2BCA43D42B5B16EDB3C7172E8B5B237D
Requests: 157 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Frame ID: 1FEC1381DAC77534819803856404166A
Requests: 3 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 3694D5E747BA79C2022A8A56DD23FD36
Requests: 23 HTTP requests in this frame

Frame: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78662B5DADCA77892A67D1636ECFB685
Requests: 1 HTTP requests in this frame

Frame: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 06460077894242CA472BED7CE1E79137
Requests: 13 HTTP requests in this frame

Frame: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 252936E173343B694E9DA04ADE359E98
Requests: 13 HTTP requests in this frame

Frame: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04A6A54F7BA0374D5069EA389ABBB5D8
Requests: 14 HTTP requests in this frame

Frame: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F6E67195E364952AABED32677FF145C
Requests: 13 HTTP requests in this frame

Frame: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84B1AE36EDC6FF835FEEBF9A600DCB71
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: B6B1826787C4BC5721D72C1F422554C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&adk=1812271804&adf=3279755401&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922429973&bpp=3&bdt=427&idt=370&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=7747638681055&frm=24&ife=3&pv=2&ga_vid=1455683657.1671922431&ga_sid=1671922431&ga_hid=1926518708&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1155052577080655&tmod=344034424&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.11u5mae1v6s6&fsb=1&dtd=567
Frame ID: 33978EA3534904ADDCE9F4F28460AEDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&adk=1812271804&adf=3279755400&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430080&bpp=3&bdt=475&idt=290&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=8353040414440&frm=24&ife=3&pv=2&ga_vid=1652596345.1671922431&ga_sid=1671922431&ga_hid=857961805&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071220%2C44780792&oid=2&pvsid=4297324316398616&tmod=1696691006&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ouvhtb20ezn4&fsb=1&dtd=490
Frame ID: 991C0B075E3936F51A319C9351845E98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=4266025097&adk=3265387130&adf=3173046728&pi=t.ma~as.4266025097&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922429973&bpp=1&bdt=427&idt=465&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7747638681055&frm=24&ife=3&pv=1&ga_vid=1455683657.1671922431&ga_sid=1671922431&ga_hid=1926518708&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1155052577080655&tmod=344034424&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.pz1yuib4rh7y&fsb=1&dtd=604
Frame ID: E40A17EE3203F8692B37D1920FC7D4B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Frame ID: 61850080BCB74FF609CB5DD6C807E588
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&adk=1812271804&adf=3279755402&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430110&bpp=3&bdt=487&idt=373&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=7415080145261&frm=24&ife=3&pv=2&ga_vid=1190987994.1671922431&ga_sid=1671922431&ga_hid=1915413155&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774649%2C44774653%2C44778608%2C44780792&oid=2&pvsid=32283905124398&tmod=275441176&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9ic8gnuxwft7&fsb=1&dtd=496
Frame ID: D229767E77DAC7DEF0E4F2375EA70F15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046726&pi=t.ma~as.4276895084&w=300&format=300x250&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430162&bpp=3&bdt=544&idt=337&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=6860328260084&frm=24&ife=3&pv=2&ga_vid=179632539.1671922431&ga_sid=1671922431&ga_hid=19606477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=4498570735256235&tmod=182861204&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.o87l8ukx0xtd&fsb=1&dtd=457
Frame ID: D8CB5C305BE7699E885D6BDFE930453D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=3083013359&adk=3570903784&adf=3173046727&pi=t.ma~as.3083013359&w=300&format=300x250&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430080&bpp=1&bdt=474&idt=434&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8353040414440&frm=24&ife=3&pv=1&ga_vid=1652596345.1671922431&ga_sid=1671922431&ga_hid=857961805&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071220%2C44780792&oid=2&pvsid=4297324316398616&tmod=1696691006&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bqnwdkygz0ks&fsb=1&dtd=626
Frame ID: 396E16BA2D1292FFE7B9A00074865D11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=3083013359&adk=3570903784&adf=3173046725&pi=t.ma~as.3083013359&w=300&format=300x250&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430110&bpp=1&bdt=487&idt=441&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7415080145261&frm=24&ife=3&pv=1&ga_vid=1190987994.1671922431&ga_sid=1671922431&ga_hid=1915413155&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774649%2C44774653%2C44778608%2C44780792&oid=2&pvsid=32283905124398&tmod=275441176&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5f9tkhuey8lk&fsb=1&dtd=607
Frame ID: 94D4E6825B0788ED27AE88598543EAEA
Requests: 1 HTTP requests in this frame

Frame: https://liqwid-d.openx.net/w/1.0/jstag
Frame ID: A49B756FFDD4A6BC5BD1129B21407B6D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E48530C9136813443E8563973C3BAADF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 288A7006C0D8491699C63B1A7D0BC2C6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C2D02EFC432AC47FEDD949EAB958320
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 546BD81B421271C3A756AA7C65E856BF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7220A42D0101FB9DF32E3D4F64AE4A67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2505834577C1BD46D5D76AD3390C4D39
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D24B9B33A16DC309058C0D145DB01EED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E7657C948FF0E138337919BC31911B9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4DC1760B779432B23F57828708AD37E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3BF7B35CA23134115797DBE869147F9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 973EC474F9D8A1CDCFEF1B9E7378ADB9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81E215CA4A7D866A14B5AA022FF61066
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Frame ID: 3F0D903C0F15359381C275F07225CAE3
Requests: 20 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&gdpr=0&gdpr_consent=
Frame ID: 6E75CA100F56A0F57D2E2B37F25CD1E8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6332161526117260734
Frame ID: 2D7B5D2C067E20435FF8D3E336AACFDC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 24B58848295F04EC94E633B0A598B359
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 401CF1E69753F44CE53C750AF024EE6B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4203139841800031892&gdpr=0&gdpr_consent=
Frame ID: 5BC68F3C02C5BA6A358820C15F346606
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h
Frame ID: 50BB627CF7C780BF1BC03A99107608E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180852162609150106&gdpr=0&gdpr_consent=
Frame ID: 4F4B026BE0A49C41B239673D021312FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3ZOejCisSTFJ0AeQ8YTrUNlAlyA
Frame ID: F71AEE9E4B2EAD426F1FE981ECB2936E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH3cU7HTwYAACERpKCQjQ&gdpr=0&gdpr_consent=
Frame ID: 5870E1621EB61EB9FABDB7CC55C8D31D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6eC-wAGe4K50QAZ&gdpr=0&gdpr_consent=&_test=Y6eC-wAGe4K50QAZ
Frame ID: AF7DF34825EC97F14DF7DFDB4C6D8A56
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 60159A7A16F17E5A530E4308401688B4
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 83C3251D522C821279723FD904FD9B4E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D504930252EA8125800A97A9081D936F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2396167528
Frame ID: 13937E26A27CD2C190C6AD4A3351DF10
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: AAB5DEA58FBCFBAFF6AAD1EAD52A166B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F30A141C7F0853B5B76188A3F184DEE1
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbbagbRYbanjVQSba
Frame ID: 9F23AC246315BD1D20BF0F0F1D1DE37B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 2AB20B2C91045613117955F77C50DAD7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 137EB0B99C9BC51C73904BCB69BA0E0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7F07CEE0E9D48632743B026252F9995
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU528VIH&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C2040%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 2DBB8390D55F87CACD69F600B99C2CBD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F039F2AA211444FA7D3DB39559DF8595
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 69847C4AF975A5A29124BFB56F5A2016
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Frame ID: DEBBC2B7CC985F0CB8369B43F02D140E
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 497946234E8843DC2AAABFA3ECC0F4A3
Requests: 10 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2929355F459F17451D2E97903ED09417
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=28w7cq352qfl
Frame ID: 7D393C7CBAC9A2B19296CE47CE9773EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3AD6E96DB69647639DFDE4733FA73FF9&gdpr=0&gdpr_consent=
Frame ID: 51CEFAAF38CC2BCE983EB1C1AADDD884
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst15CqXv4GsofgXJygE7fRlEt5MsSoxocFTkm9KXSMy156JRxt6zAoVCofEXx6N4g4wPKLY4EbHmfLMkqni79eK2zzSm5ecaHRsxg7fSqXxkkcniFzZOwIT31Lj00yLBern1st_EHYk6WdSL-gRq1epKvYes49cE77eSXblcrQ4nYU4mfvxSddFh0li1wBJercRo0aTSlXuEKzW1-QeIXAkgJgRDx0dzyKMwAvg_25EebYobU3aR8xxSJRBthO49zygeQPVsNm_5AwKgYz0Y5rPhiuHbV4r_O5gqCbx-YHsQ0kYuVZQCKrEB-M0yuZpGuVzf8GJimnadULag4TNZg&sai=AMfl-YSYDUlbmzIu4W-uZdgDYLMyJ5QkAujiQW0MkZtHpRYaez3opc77AKXP-5tnG3nSIoGsTAA-691tDsnd-6bC2hSyM_qTRCBx6_aLrWEvj_ncphCH1G6QOArHakzC7LYQsw&sig=Cg0ArKJSzJxz34C5CKSNEAE&uach_m=[UACH]&adurl=
Frame ID: 0E81CF56B9BF06BAA961F2F51A31CE48
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPKO82eIaXNup8dQhEV6KSuzIHSE2gZWhGx_WnM9H6tmGZsiMAhJWpL1YbYXvSjGppJ-O6MxpIGDnksbkjEdv0srx47b8CB-AiRcdjfi_7B9dd4228qrCrXXXI4yGBbRFtMqD_ff3i1f-un3YJ0B0LyZyRoNkJYAnFl3SyWFmDcPg0A26drtN1z_H0mAcmOt7nd2F92YCOXZI9CWXJbvknoiz30OlDdfRH7Gul4JXjBGcL2XoDoM-1Wm7zyXYvD9HbI0KjqN_tsKy39Hm6kn-4VjjUQDPmnwAxK2wdyQpD36XVZL7RothYZJ67czU4rLMD1u8dDo1rBf4PbUr2rQ&sai=AMfl-YTDQvJ_Q3yOY_eGkSWAurEgW5zlJB5rKU7o6mqCEyVtlgzkTxWuiphuZkalnAWMNP24_PQ9-cirBY2jL-ymgZzMC_eYzeWZJ5Llv6ZKVqUfRKiQ5Nl0tNwHKpLvhxBjow&sig=Cg0ArKJSzIe4Xw0YaKJ2EAE&uach_m=[UACH]&adurl=
Frame ID: 262516D7C303A6232F5CD7AACA6A034B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Police: ‘No clear motive’ for Greenwood Park Mall shooter - Daily Journal

Page URL History Show full URLs

  1. https://mrgunsngear.org/3FRbWhG HTTP 301
    https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

390
Requests

88 %
HTTPS

30 %
IPv6

104
Domains

148
Subdomains

98
IPs

13
Countries

8614 kB
Transfer

18974 kB
Size

128
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mrgunsngear.org/3FRbWhG HTTP 301
    https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://get.civicscience.com/jspoll/5/csw-polyfills.js HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Request Chain 221
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGRDj8wPI06dkeIN_Uf7njw&google_cver=1&google_push=AavPq0NUxd02hLZ4bZiJXW4zsjeMSIvrlDazYuVpteGGLUuSH-Vuw6oW6li9pQdXh0MbswDkOtxHtQR7qR_CHktnyh7781vIbGfaxac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA3NzA0Mzc0MzEyOTM1NzYzMA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRDj8wPI06dkeIN_Uf7njw&google_cver=1
Request Chain 222
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEC8HZAwWc9ouK9guzswflRQ&google_cver=1&google_push=AavPq0NPfrwAl2LmfY5pgXzqilfWBJUmgcZ79JNhv7RXOWk6HmS4OfMaFhdJHUpmIKSZWDTttJ820ylGE6_3r1Vki9ZZviYGM12X43Hm HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PZdNkm9JTZKG5VytbIxOww2&google_push=AavPq0NPfrwAl2LmfY5pgXzqilfWBJUmgcZ79JNhv7RXOWk6HmS4OfMaFhdJHUpmIKSZWDTttJ820ylGE6_3r1Vki9ZZviYGM12X43Hm
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDZr_Tak47P4mhRZUc7Pqq0&google_cver=1&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDZr_Tak47P4mhRZUc7Pqq0&google_cver=1&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_&google_hm=DUP2ZRwJR1i9wZ5yX5nl2g==
Request Chain 224
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFZxtovPNsF2wN7MNOJGIWw&google_cver=1&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFDmVtOD3Y0 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFZxtovPNsF2wN7MNOJGIWw&google_cver=1&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFDmVtOD3Y0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFDmVtOD3Y0
Request Chain 225
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_cver=1&google_push=AavPq0ODJnUSP15PqvYRGyeO1p6HrKxquyNKXRtZNCKzhS_7h7go_yk4CZJoNLqycRcAKkw_XfODRnAS_kvrheJvJWMDd2WbV1sqUic HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_push=AavPq0ODJnUSP15PqvYRGyeO1p6HrKxquyNKXRtZNCKzhS_7h7go_yk4CZJoNLqycRcAKkw_XfODRnAS_kvrheJvJWMDd2WbV1sqUic&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_hm=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB&google_nid=index&google_push=AavPq0ODJnUSP15PqvYRGyeO1p6HrKxquyNKXRtZNCKzhS_7h7go_yk4CZJoNLqycRcAKkw_XfODRnAS_kvrheJvJWMDd2WbV1sqUic
Request Chain 227
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENFCQON8rN_oKM4bVG-sVx8&google_cver=1&google_push=AavPq0NYwyJB3IqZXn0DGzVeJgXh8JApyDZShJ6t-Qr2ydb_ecw9P1xzzF7dptbU5HBMb4Je0FD83aFe473NgECdi8r2MSkjewqyE1rSvQ HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENFCQON8rN_oKM4bVG-sVx8&google_cver=1&google_push=AavPq0NYwyJB3IqZXn0DGzVeJgXh8JApyDZShJ6t-Qr2ydb_ecw9P1xzzF7dptbU5HBMb4Je0FD83aFe473NgECdi8r2MSkjewqyE1rSvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d43f665-1c09-4758-bdc1-9e725f99e5da&%%GOOGLE_PUSH_PAIR%%
Request Chain 229
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 244
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=549012f8ba2f8c5a156cd3ed5ce227&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dundefined&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v2e3f_7180852162594343964&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
Request Chain 256
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&gdpr=0&gdpr_consent=
Request Chain 257
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6332161526117260734
Request Chain 259
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 260
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4203139841800031892&gdpr=0&gdpr_consent=
Request Chain 261
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h
Request Chain 262
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180852162609150106&gdpr=0&gdpr_consent=
Request Chain 263
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3ZOejCisSTFJ0AeQ8YTrUNlAlyA
Request Chain 264
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIM2NVN0hUd1lBQUNFUnBLQ1FqUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAH3cU7HTwYAACERpKCQjQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAH3cU7HTwYAACERpKCQjQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAH3cU7HTwYAACERpKCQjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4808890107944590772&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH3cU7HTwYAACERpKCQjQ&gdpr=0&gdpr_consent=
Request Chain 265
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y6eC-wAGe4K50QAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6eC-wAGe4K50QAZ&gdpr=0&gdpr_consent=&_test=Y6eC-wAGe4K50QAZ
Request Chain 266
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 267
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 269
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671922431616 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2396167528
Request Chain 272
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbbagbRYbanjVQSba
Request Chain 273
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WdOOig8ORXaifaR-WAV9Kw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 276
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3587814344 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=59D38E8A-0F0E-4576-A27D-A47E58057D2B
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTlEMzhFOEEtMEYwRS00NTc2LUEyN0QtQTQ3RTU4MDU3RDJC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIVkHDDQXiGEjM97RwKndfk&google_cver=1
Request Chain 281
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6829081943877337663
Request Chain 283
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rRp9y39E2uVwkZj6PdmMioAbudaPN04-~A&gdpr=0&gdpr_consent=
Request Chain 284
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d43f665-1c09-4758-bdc1-9e725f99e5da&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 287
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ca095a38-6150-4be9-854d-c90e33e817d3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 288
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9077043743129357630&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 289
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4203139841800031892
Request Chain 301
  • https://www.tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js HTTP 301
  • https://tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js
Request Chain 325
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=28w7cq352qfl
Request Chain 326
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3AD6E96DB69647639DFDE4733FA73FF9&gdpr=0&gdpr_consent=
Request Chain 327
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B HTTP 302
  • https://a.audrte.com/p
Request Chain 328
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=59D38E8A-0F0E-4576-A27D-A47E58057D2B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=59D38E8A-0F0E-4576-A27D-A47E58057D2B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 329
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&addseg=19,36,42
Request Chain 330
  • https://pixel.onaudience.com/?partner=214&mapped=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_cver=1
Request Chain 335
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6eC-6pcwMc0WqeJpHpdkQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEzegRjq4ujlrTQ-HNrsolI&google_cver=1
Request Chain 336
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3AD6E96DB69647639DFDE4733FA73FF9
Request Chain 337
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 338
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x5bbmREv1P9doR5
Request Chain 339
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4203139841800031892
Request Chain 343
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC2JG3N6-1B-7XCH
Request Chain 344
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UO2KDYALRluO0zIBIEgGRQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO2KDYALRluO0zIBIEgGRQ
Request Chain 345
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VpqSHDaYQxO3c4xeqwdc8Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VpqSHDaYQxO3c4xeqwdc8Q
Request Chain 346
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5NDRkN2RhNDFmNDI4NTYwZGViNGU1N2UxZTA3YTM0OGZiOWM5NA
Request Chain 347
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ttbfbmPaFRIDv_BxsYsH6Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dN83zgVE2oIU3NwdI3LRROtsUfPvx3MBxtzbWg--~A
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJE1Umk8cg6rMPOVbbeOLkI&google_cver=1
Request Chain 349
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMySkczTjYtMUItN1hDSA==
Request Chain 392
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELUGhImXiudXqNAALiMtEgQ&google_cver=1
Request Chain 394
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8fea49cd-bf4f-46c4-82d8-7791a6503bfe&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VmdxOXd5Z2t6M2dTQlpDdDdLMWlLZw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEPzxou0PzoZjl17cDFdIpV8&google_cver=1
Request Chain 395
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=0d43f665-1c09-4758-bdc1-9e725f99e5da&google_hm=MGQ0M2Y2NjUtMWMwOS00NzU4LWJkYzEtOWU3MjVmOTllNWRh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAo6MW_K5z1zaazLlVjefrg&google_cver=1&ssp=sonobi&bsw_param=0d43f665-1c09-4758-bdc1-9e725f99e5da HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=0d43f665-1c09-4758-bdc1-9e725f99e5da
Request Chain 396
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=991b63a7-82ff-4b00-a6c7-245c934cbce9
Request Chain 397
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=573091&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH3cU7HTwYAACERpKCQjQ&expiration=1673132038&gdpr=0
Request Chain 398
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523545131206

390 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Redirect Chain
  • https://mrgunsngear.org/3FRbWhG
  • https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
186 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b16ac1a43668313022fbbe42a11009c3a30d34b667fd63925fdb3ce00eca8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
77ecea3cfc0d9046-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 22:53:47 GMT
link
<https://dailyjournal.net/wp-json/>; rel="https://api.w.org/", <https://dailyjournal.net/wp-json/wp/v2/posts/1798038>; rel="alternate"; type="application/json", <https://dailyjournal.net/?p=1798038>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC05poU%2Fs27E9YJ5%2FjHyCDp9kdizkn4bBiBsrQ23yu7JmNpMjVHtkj9MvVZNAcXjJsHYPFlyewkribkT%2Bc%2B%2B26O%2BcDW0suZqCKg3YxjnxL4K94ndbMh7oVKir7wfClfd%2BigIBG5cfVqAfNapWHY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-pingback
https://dailyjournal.net/xmlrpc.php

Redirect headers

cache-control
private, max-age=90
content-length
178
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 22:53:46 GMT
location
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=1209600
formidableforms.css
dailyjournal.net/wp-content/plugins/formidable/css/ 		132 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/formidable/css/formidableforms.css?ver=11181921
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88691bf845e16996e3f7b84115a98cdd4c0e362d059f9241f33b3cf2e1297eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 19:21:30 GMT
server
cloudflare
age
6303
cf-polished
origSize=139251
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yz8pU6MPDgWg6Ltet%2Fx25%2Fx2E%2B0I%2FlY5xjEwgCideKTwNHXbfaG2ae7GkOI0Slm2lIVVAhVN62T42AIiwPrxKGB8oRJDgzmjDFZkDZ%2BBpJsLue2MSRr2ojVEwzOanIwiHrTBzBEstzgrC5LorYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427aae9046-FRA
style.min.css
dailyjournal.net/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 20:41:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rlTCoeJdtOGZKhltbZ9fKNC22KcWqIil1N1RRXOk82y5DcQJ5dALssDjoQOnNJ2IOIf5%2BJT5KU9gvCyRjffa9jZ4cHeKF%2BHjt0s6PqKKMxtab%2BgnROxs0LSAn68fF%2FKZTFM2C3%2BW89nJA7UvPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427ab09046-FRA
classic-themes.min.css
dailyjournal.net/wp-includes/css/ 		217 B
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 08:40:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCkUbW0cQ6%2B5cD35DGbs83gQdJhdnYrF2vEYm1D4zkH8qyVae7ae63M49A%2BjawwTlLOvfe5WHIi8CXe8xXRsKmTdszadxxRf%2BL3PZFcRcw2p5PIawHVSuGl648JqCkXcjp4EqqJliXosAlaoVgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427ab29046-FRA
style.css
dailyjournal.net/wp-content/plugins/td-composer/td-multi-purpose/ 		36 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:04 GMT
server
cloudflare
age
6303
cf-polished
origSize=37284
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOK5Nppb4fGBAduj4VZap8QiIHN9ww%2BaIUqh6tfC4H83VQX3De0yO8UZURxq%2FSCQtU77NXgSeR7lBtMD2B7OFZFx%2B3e3fwTuNIYEWNH%2BImVljh%2F%2FoBChOfgg4Uty7FgG8lThHBm1AIa3vh92pL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427ab49046-FRA
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
092804d065eee9d096bea623a228ce7fe27d7791cd9f50f2d3faa63b1c54668a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:17:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 22:53:47 GMT
style.css
dailyjournal.net/wp-content/themes/Newspaper/ 		104 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/themes/Newspaper/style.css?ver=11.3.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:04 GMT
server
cloudflare
age
6303
cf-polished
origSize=149061
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjzhfVRJoniWdaSdcX4U%2F6sN3n4XEQbl3WvdBGjMBLWMYi%2FdxuGVT4VRy9bcRTh09iZzVrSzzJlwnIcpYF4aCcw%2FEIu3AzoNLxRYrvTFfdBLuIC4Yx5%2FG3WsoHpeifeyNxYc9ocBkTahPHGTmLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427ab79046-FRA
td_legacy_main.css
dailyjournal.net/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		125 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
server
cloudflare
age
6303
cf-polished
origSize=158679
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GepXOSotGaeTSIpAo9b7UFPFUxtFLxoU2CtgAUbS8LnE%2FxwwRVHlyZIqjXwQ0JM45%2F8UK39Qc2%2BQ1IvFumEasBDPTIiH1K90Zoo58fvr35MPu6YzWSkIVoGSvY%2FCHSx7fc%2F1Bk5ZiNvxjGcJghU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427ab89046-FRA
td_standard_pack_main.css
dailyjournal.net/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		569 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=79f8a1d02f05c15c98a62e68cd419e0b
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:04 GMT
server
cloudflare
age
6303
cf-polished
origSize=732364
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF3wd8PVGFVv1rZd%2B4aZC1gDYCAkaprgKv%2FUyZOcDeopvDul6oZ4vRVYCkqbdEMC1Zpc4MTamEAf1aJFef58Jwr3e3qhKWRuln5ROqvj7olPkLyBhisodN25yE0Med3sPr4xUSmIOZrBTiFuZb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea427aba9046-FRA
jquery.min.js
dailyjournal.net/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 08:40:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeWym7Dm56258WpqKSMQllbKz%2BerxYjycNZZQzMR4bFhDcgc%2FTy5yOQdaW4xhZTbHImvOd1cJHWzGaOPAf%2B59Rfh8P3JODS5I7y1uACRi31ZMdallfLIQGNU8343bEm8LnetjRv1WciD4K%2Fx%2FY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea427abb9046-FRA
jquery-migrate.min.js
dailyjournal.net/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 05:00:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR7cZpSRbTvSnismA0LrY7%2FMMoztmT5I9Aud9NLDJ4dkEb2LI6e0NNOImaMLHQpMHFI4Juz7JpZ0125%2FALmbIYOKcZHy4cS4kqSWvOvN%2B44QTZvdNvK1FyYhi1C1Q0MO1lnSct0lKLWhtMMdykM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea427abc9046-FRA
loader.min.js
loader-cdn.azureedge.net/prod/aim/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488B) /
Resource Hash
d282a30580fe5e3e1a0f765672eb7981b726e6d492e64ded067a2539af376738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
gzip
content-md5
jAhEuHoWpqAiNjs2ZS4Igg==
age
5257
x-cache
HIT
content-length
10892
x-ms-lease-status
unlocked
last-modified
Fri, 04 Nov 2022 07:19:00 GMT
server
ECAcc (ama/488B)
etag
0x8DABE34D866600F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
57b4bfb9-d01e-006f-69de-17fd4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
script.js
dailyjournal.net/wp-content/plugins/Daily%20J/ 		1 KB
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/Daily%20J/script.js?ver=6.1.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962851f7ec17c7dce6050a28782ce6c8cd01e65a2b3c0be3fed863a054fa9c71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 19:00:28 GMT
server
cloudflare
age
6303
cf-polished
origSize=1967
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWko8Go%2FYfQ1oCOdjYMnTCMjwpcoeRKyMedqw%2BH3WiGyWw6wzfRdnwYWXn5js8toq3Y1ZlFut%2Bz2uawH62WkHYUBgu3SwpC0YKbI6qQ9hDs9wLyFdgbv1iJqeRvS5p2AptUK8Qc%2BIU33S5RGjyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea427abd9046-FRA
localize.js
dailyjournal.net/wp-content/plugins/Daily%20J/ 		0
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/Daily%20J/localize.js?ver=6.1.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
server
cloudflare
age
6303
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7Z26qhlGwkEUrlBlZDHHb5vXR5bJHL1WxVFJtTdj1NYwmzok2rPH4BAdu5HNN5wkMnVOhSW1cGKr0Xdt%2FAnny%2FTbanb07Jqp9WvutXqJzwOEBYzOdMlsF5Mnf4GJF9SwuykScVbxfF9ZKjFW%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea428ac29046-FRA
content-length
0
css2
fonts.googleapis.com/ 		10 KB
735 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:52:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 22:53:47 GMT
wp-emoji-release.min.js
dailyjournal.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 20:40:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6302
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBfMxh7dHQ98LrMJClu8uxq%2FKC5DXG49UA8gOV5rwvgiK6q7Kb1OOtspyZVJfyKFxS4P23crwKWnY99lQRN0%2FxMRdZaApgK8nhkuvPO8ss43hdg1tmfwzIsZKFMe3geh0Y%2BOS7soif7zURYl4FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea433bd69046-FRA
/
liqwid.net/ 		601 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid.net/?key=196A-5617-2B2F-5FBD
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fd9330bdfa4183f0a88db34eb51f5b6b382412256d39ffa237e25efc02385c7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=60
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
581
outbrain.js
widgets.outbrain.com/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f91f7d9c4de52ec1084e1f06b5043dd2d60da1a67b32bb90002357e3687ce224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 13:07:56 GMT
etag
"16-6gM5MqNVHb6QnqYQM+WiLsXk2G8"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
5313bda046494c594cb3805289fe158d
timing-allow-origin
*, *
content-length
75171
mg2nw.min.js
prodmg2.blob.core.windows.net/newsletterwidget/aim/ 		143 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmg2.blob.core.windows.net/newsletterwidget/aim/mg2nw.min.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.62.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
97857a2708957d832eb488968ea0321a344203f717a9fc1ecaa749bc0558401d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Sat, 24 Dec 2022 22:53:47 GMT
Last-Modified
Thu, 25 Aug 2022 12:28:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qPY3EkPRcqIzM7LoYsEXfQ==
ETag
0x8DA869544BFC91C
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
38b9843a-801e-0010-0aea-1732d6000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
146400
DailyJournal-iPad-768x120-1-300x47.png
dailyjournal.net/wp-content/uploads/2021/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2021/07/DailyJournal-iPad-768x120-1-300x47.png
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1d9a531190cab9066ea2d50e72772e5764b627d60708e4a79b43ee998966b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Oct 2021 05:00:11 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=3275
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUufRk4T%2B8m1QNHI7lLSG3aC6hxlDFpg5fIQtPxNnB1619%2BdmvnS0C4nQuYhq9%2BlSA8fCRLdGdJZhD8lUMkKahXJhf6vXwoLe5sSe4lvA3GfvuIKWc65c526bj7k55dTfSK6lqeD4cllqSsoy%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="DailyJournal-iPad-768x120-1-300x47.webp"
accept-ranges
bytes
cf-ray
77ecea4899ea9046-FRA
content-length
2282
dj-140.png
dailyjournal.net/wp-content/uploads/2021/10/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2021/10/dj-140.png
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb6d0e3d80d7ae9d60e692a94510c5b7601ff8113d71a82fce3ac3ca134fbd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Oct 2021 16:19:29 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=2765
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=066sXDFGIwIuEq2YsWXIXyMyq1wCH9MerWVItK1tFS82Y24B9FadAjM8gG%2BtbxShZb9RnAYXNbr6JgKjZEMICRcidNnSVMDCwlQwCSjK0m%2BXsK2jDyItSWoEKpq96l1XXeN381JDdUn8BQDF1hA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
content-disposition
inline; filename="dj-140.webp"
accept-ranges
bytes
cf-ray
77ecea4899eb9046-FRA
content-length
1346
130386854_web1_20220719dj-greenwood-mall-shooting-1.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20220719dj-greenwood-mall-shooting-1.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1ea3901720c319eb77062e54e6ca9718b9eca922c0b58df10b721220d30b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 19:54:44 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=194504, status=webp_bigger
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdJ%2BLpVz9O9yV59UeOHZGe245kqhbc2YEPWsHBhSYlxhOq8nOj9ljsk93mVb56pBQ73dkumLm8DtUFKfR2l1Sx5bNVI5vvSbCElwwghUmHi8EeTMp3MS%2Bp8%2BJo61smOGUs%2FS6%2BILNMWR%2FInvqMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f19046-FRA
content-length
185327
130386854_web1_20220719dj-greenwood-mall-shooting-2.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20220719dj-greenwood-mall-shooting-2.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e772353c8acaaa7d27cc46aea6edda76434b9d17452bd2f5df7c212bcaa346c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 19:54:43 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=114186, status=webp_bigger
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qFxtpchqqlFOrk%2BzcckLi4Rqe2QsF6Qe5L8rGEHNUFdz%2Ba29m3mGEDobRFaNgcZBai3OZpVOEoYl%2F72KVb0bDPQCXUXrAR6ykudqPnUk2w5RjoV1S08fVK%2BXITuFRt%2BsN0HqljArQoNN4Yawq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f29046-FRA
content-length
109739
130386854_web1_20220719dj-greenwood-mall-shooting-3.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20220719dj-greenwood-mall-shooting-3.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0965777f72ee28513a5d5b95fd0b9d3e3add57ca9808eff243a57d5938beed3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 19:54:42 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=106763, status=webp_bigger
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAXDSqkeqM8MNFEElIh6%2Bmi8kZuGdDiazhFDHwRJ3G4Koo9z5P6AIczncR62wZW%2F1n6BDoa20BRPTKMwE8E2%2BkevSQCpWUXJiPCiajVkJ9cKndYQmZb2BYtp6jCYohxSod%2BMoJWc9Bjwu6TmNlI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f39046-FRA
content-length
101578
130386854_web1_20220721dj-gw-mall-memorial-1.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20220721dj-gw-mall-memorial-1.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f9f1591709ab5661fa3815c6c8ce76fdc7a636fb86178b7101ccd7ca3c0191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 19:54:40 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=164055, status=webp_bigger
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px4wXuW8Ovu44yGquGhZW2HHSA5gTYbbgKZ6jvKI%2BLWlHiuhqV1F6NTquRosf4umfI2wRkQVWSgMSJ71b%2BZjOLesKhax5a%2FhjjLeha0LVp8nOCbSgoywOmCiplMwNQ1eZMK2mUIgiEH42jgZelk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f49046-FRA
content-length
158778
130386854_web1_20221222dj-Sapirmann-entering-1.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20221222dj-Sapirmann-entering-1.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6838e34f793cc1bd269c046eade166c6b7a79f0489b422a25c86cf03474cfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 19:54:39 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBBI7qbMfG%2FcjwB9E7T9Gs6yOvazEBuzK2pEKA3YKPk9tJX%2FIm5HKOnPEwhZTvgHODF3EDZ8ZicvnNZTLCwKdFHIKUbRFYHcrEgl5QEBo%2BIA4jfnJa8fF38k9hVePGYc7xk0Dz7arVX7fbWcCR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f59046-FRA
content-length
12128
130386854_web1_20221222dj-Sapirmann-entering-2.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20221222dj-Sapirmann-entering-2.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4aa0f1468d110c0a34265257aa43a389b345f7306137927eac600da913b7801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Wed, 21 Dec 2022 19:54:40 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJ5iGVd7V%2FlmcgbHvNopGPPw0NWTC02qrqOD6Ll5RY8uXmBrBmBteRAYPRwhgj2tJDD2MJuqPcm9qEgMUivhaYJaBvwrArTLjeL3GYFicn5VCmg%2BTcSwJLlT28133U%2BNcSYYOuAISMBLsnM2PGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f69046-FRA
content-length
25645
130386854_web1_20221222dj-mall-update1-300x198.jpeg
dailyjournal.net/wp-content/uploads/2022/12/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130386854_web1_20221222dj-mall-update1-300x198.jpeg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c11c94ece28dad27d012873c122955445f4d43a490eb8dfa60b749f8c44fbf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
MISS
last-modified
Wed, 21 Dec 2022 19:54:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BvccNOv%2BbDq4KkLE%2BByfBrPRjokVLk7L7bTL%2FJkPm%2BQiAkVaYHbgn%2Bze7Y6erq2NEube3zSBmJmO3XRsQByvA3VEejKUHInOyyWd1y4H00tB1MvPDTSPGUzZhb8CTPOpgY3KF690cQm%2FTnzhtw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f89046-FRA
content-length
16809
Optimized-image-e1634815167732-96x96.jpg
dailyjournal.net/wp-content/uploads/2021/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2021/10/Optimized-image-e1634815167732-96x96.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c954755821e73e18bd2ebf2f8e74ed6096804a1e3263e20ddf2503ec276229

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Oct 2021 11:20:58 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlioqNu1JfV3BN6bMqWgwnzmvxcNm4IS3TbuwTlKxrEzbrw9OdQODt9XVGqIxbHVvrdKwiXSeDR1LJNZejV0OReq8mgyinn2KVXMW7kFMV1xNHbBQCod8R%2F%2Bf6JIImE2%2BfRmuonW1vl4obpzgrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea4899f99046-FRA
content-length
2718
email-decode.min.js
dailyjournal.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a1e484-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP4RGSmf0WMq8ULcL7xSY2tvllX%2BiTJJUTK8thQ8RovTUYYKx%2FxsmrB%2BFeabohxEdQJBsBhZv6l4G3LgDiutAbizqFMwfXYkBsiBy4wzpFjTTzxtZnENTyKHwpbqqp0fsHQewNcmavj4eB373GU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
77ecea4859ae9046-FRA
expires
Mon, 26 Dec 2022 22:53:48 GMT
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://get.civicscience.com/jspoll/5/csw-polyfills.js
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Server
2600:9000:223f:4600:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f49f437125677bf25a1b318d83f84152ee5b72fbf5cd4bc7ceca8c82d581da8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:56:56 GMT
content-encoding
gzip
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 15:53:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
57413
etag
W/"f5dd312962d5cb7864d139d44e215ac4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7_F-OthVEtTzzaheVwp3E7pnlkVY5Oqs34y7tTXUB6UHG1Yb3ndbhQ==

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date
Sat, 24 Dec 2022 22:53:48 GMT
server
awselb/2.0
content-length
110
content-type
text/html
widgey-dug.php
japfg-trending-content.appspot.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10220&v=1&q=3&i=1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b671b8363ab11f29ac6202d86af887f6344ef364c540011403517403b074edfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
addthis_widget.js
www.therepublic.com/wp-content/plugins/aim_seo_smo/cache/ 		0
0
dfp.css
dailyjournal.net/wp-content/plugins/doubleclick-for-wp/css/ 		72 B
393 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/doubleclick-for-wp/css/dfp.css?ver=0.2.0.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbadade78bce077b4584a5e8d9812cd262df9990c1b8fa7294b86e88c297b5be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
server
cloudflare
age
6303
cf-polished
origSize=275
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFjkxc6KoXQ0D9BXIIdfLM6fBdNvZ380ZNSaFx27P3u11OXhCvMMyHYk3bfQuy66D5NDZ%2F3z2x0lyJnIMsY%2B0SIAkR023lfTPFrJ4Evz3x%2FDyeBq10O7yGc3Wb1YIZv0nFM%2BhmhjlkLpmMmqSL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77ecea4899e29046-FRA
underscore.min.js
dailyjournal.net/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 08:40:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZ%2FY4tz0rnUQUgPpJDwgj2sJNjO4wnVLhRGVj%2FkvZ4sTd7uI%2B4mqOQEqMIuSy%2FQHBE4errF8tusaVwKRmVpHDc%2Fg5w0W2xQbpk1x3a5K0LuW2SxvEcSno3fQ8%2BCnlaYQi7ZKUrFrQhQqTPVig9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e39046-FRA
js_posts_autoload.min.js
dailyjournal.net/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=2713a088559ff26084e8003394764364
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q26DbztnkRsBgczGtNPmllMd5iawxapemyY1JwmURO%2Blbjp%2BgQctgvIm0pA9Zbi%2Bz57zJ%2Bqgc1XU2Sqors8Du1NywddZ%2BotY44GziTuzEbhvUCA%2B3kfL1LZDPIf45Z4VAqMbR5XUmc0QB5EUuHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e49046-FRA
tagdiv_theme.min.js
dailyjournal.net/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		258 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.3.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzbOanQ3lk0w1v9ZqSSaQ%2FBC5iJz42KQoDE5fA%2FVD8K%2Fvd8K8Ik66LeepgPsH7RXqhXAoJhLgXTsNzlRbjiErpf1FrqJbywJwXyHPrlPIyjaYN8PvRLz9cyiyuyPplZ7tV8jPhhAA%2F8oYgvKhtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e59046-FRA
comment-reply.min.js
dailyjournal.net/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 20:40:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFRpH%2FFR%2Bm85P14FvuuTxjPmH%2FT5m9ZTuP%2BoZOupxc2XA5eNmhfBiH7QiAdAmIqdMvrngmQJ6fyfx9w0CaoGPGP39%2BnYmCzPm66heuR0230qARK27dyZzMAPHDlo5dBT0QL5yvUkhc5rBcVdMTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e69046-FRA
js_files_for_front.min.js
dailyjournal.net/wp-content/plugins/td-cloud-library/assets/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=2713a088559ff26084e8003394764364
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IGiWtXwH0fKaeXTuM5%2BReUukTG959UinHhEZOOyH%2Bj20MT7rCO0O5dNozyjrkKcsfylek5gUwAwYeeAlDhM4yTLs80TnqsMu9kUPTwS852IYzySE458Alc02aEoLnmowNv4nndAreLYSExrtSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e79046-FRA
jquery.dfp.min.js
dailyjournal.net/wp-content/plugins/doubleclick-for-wp/js/vendor/jquery.dfp.js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/doubleclick-for-wp/js/vendor/jquery.dfp.js/jquery.dfp.min.js?ver=0.2.0.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb551cb5754cae5082cd484e67752944c2e8b70fbc5efae9c8ab2aa7e1306034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPUwGOPxMmzfr0wr4jvNXN0ulN4hYX55iQZ1Xkm5hcMvEjjfSgGDLLVfN2Oipu6g7v5T5Fyiuw9drwyNszSmJq9cCWacYg11sKJXUYqCQ75m0q0HMX3gMPLueR1DsikRyGZycpCXGhJGV6BnePA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e89046-FRA
jquery.dfw.js
dailyjournal.net/wp-content/plugins/doubleclick-for-wp/js/ 		537 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/plugins/doubleclick-for-wp/js/jquery.dfw.js?ver=0.2.0.1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9584a57e58e13971e1737272fdf3b9d0267e8c36d641aefbd954542ca726ea65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Oct 2021 05:00:03 GMT
server
cloudflare
age
6303
cf-polished
origSize=1587
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hIcETcomQL0%2FO9lgaKrvbuEdy4m950PIQaHMhXQvj7RvdYTje5IC70mDiyU5DZcBFxKXGX849PIayZ7lTea4BQBJAqBShknCl1gFgRImhol%2BkVCZYNkBsukptODXN1nxU1yTcfHjBFXnQ%2BCHNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77ecea4899e99046-FRA
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-4866548-1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3803509a0eafaa28315014fb655482e39fd314d4eb6ab2721c4ede11ddf5b93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43596
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 22:53:48 GMT
newspaper.woff
dailyjournal.net/wp-content/themes/Newspaper/images/icons/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dailyjournal.net/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/wp-content/themes/Newspaper/style.css?ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Referer
https://dailyjournal.net/wp-content/themes/Newspaper/style.css?ver=11.3.1
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 05:00:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6303
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gNOpfnixO%2BmCrhWIDD9U5TsfCEpIY6G4Pg6kgeS30ll0Z9Vms4CnvZ55FLgNsA6zyi5GptChgcip%2B2IDlBtPjR2VrVrOx6LJeIJB89H3oEbNH7HkBnPoAujNy8bwtI4AJ7jNUvgjvf%2FAAiZqLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea48a9fa9046-FRA
content-length
24864
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
184293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 19:42:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options
nosniff
age
454136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:44:52 GMT
like.php
www.facebook.com/plugins/ Frame 1FEC 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1482702b986acead4a107ccc65764a34595828a8a590cbde327751dec9f5e3f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 24 Dec 2022 22:53:48 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
yLZhDsJupmi7rMfgEs0kMpDyGunhGhtXfs/kuEc9E1jz2ogZmF0C5XqQa1UGlgwx6Cr6f12nrUPEaStb8w0cCw==
x-fb-rlafr
0
x-xss-protection
0
truncated
/ 		111 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:50:24 GMT
x-content-type-options
nosniff
age
446604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 18:50:24 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:07:05 GMT
x-content-type-options
nosniff
age
49603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 09:07:05 GMT
main544.js
liqwid.net/static/ 		215 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid.net/static/main544.js
Requested by
Host: liqwid.net
URL: https://liqwid.net/?key=196A-5617-2B2F-5FBD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21f736a7540c73bb779c6d39ae434b8828da1351b09d0faf77072a461d90cf16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:47 GMT
content-encoding
gzip
x-powered-by
ASP.NET
content-length
71786
last-modified
Wed, 14 Dec 2022 23:56:08 GMT
server
Microsoft-IIS/10.0
etag
"0dc74a21710d91:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 1FEC 		299 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
Zp2GcU+v4gHQBi7cBKhNtWYpayYwoVN+va2BneAGGoYk0V7qwXdgo2qls1ERihiv8+WtH9OmLKALvYNqNF4Peg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 11 Dec 2023 07:02:51 GMT
PAvlVbOucuu.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yh/l/de_DE/ Frame 1FEC 		525 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yh/l/de_DE/PAvlVbOucuu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8fae9fc740319880c3e4679da072da47e459f25538aa18a1ea2b6f5631b2c751
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
s2SYEaciDuD4A1fcqzzV0g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138181
x-fb-rlafr
0
x-fb-debug
JjxQa7vXs8CuyMoWUM0H/7Qd+B24GU7RnkLp6gT+/2BRBjdpEznGTyTWDoGK60dKbW2rM0IS+Ur+E2q+1WrlyQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Dec 2023 12:12:51 GMT
ZGFpbHlqb3VybmFsLm5ldA==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/ZGFpbHlqb3VybmFsLm5ldA==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 22:53:49 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=43163
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
71ecc2ea6ee73d6a0347abbc6f83f66d
Content-Length
15
Expires
Sun, 25 Dec 2022 10:53:12 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Mon, 23 Jan 2023 22:53:48 GMT
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=424074054.2410999308&n=0&s=poll&t=created&d=%7B%22target%22%3A%22cdc8875e-54e9-0d14-c14f-e97579da1749%22%2C%22instance%22%3A%22civsci-id-311138401%22%2C%22isContainerSeen%22%3Atrue%2C%22context%22%3A%22%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A24%2C%22cy%22%3A38%7D
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.30.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-30-185.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
bootstrap
www.civicscience.com/widget/api/2/ 		307 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/bootstrap?target=cdc8875e-54e9-0d14-c14f-e97579da1749&instance=civsci-id-311138401&context=%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter&mv=5&_=1671922428657&callback=jsonp_1671922428658_48043
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-172-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
010f56ce01aeb2445f255a4a7bcd8c85deefdc5e832cc56f1184f5cf9ba26de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
get
odb.outbrain.com/utils/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&srcUrl=https%3A%2F%2Fdailyjournal.net%2Ffeed%2F&idx=0&rand=16297&key=NANOWDGT01&widgetJSId=AR_3&va=true&et=true&format=html&adblck=false&abwl=false&px=266&py=6097&vpd=4897&cw=696&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=20101&sig=QLbXiJs8&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30f71e543fbec3805b71bf345b1461869fc64c7c8d862af695db901399e81fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671922429.793546,VS0,VE121
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21980-LGA, cache-vie6369-VIE
x-traceid
3b38cb29bda35ca03d842000b9e19d2c
accept-ranges
bytes
content-length
3767
expires
Thu, 01 Jan 1970 00:00:00 GMT
target
www.civicscience.com/widget/api/2/ 		0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/target?target=cdc8875e-54e9-0d14-c14f-e97579da1749&instance=civsci-id-311138401&context=%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter&mv=5&_=1671922428853&callback=jsonp_1671922428853_20606
Requested by
Host: get.civicscience.com
URL: https://get.civicscience.com/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.172.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-172-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
x-powered-by
PHP/7.2.34
server
Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.2.34
gtm.js
www.googletagmanager.com/ 		127 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDZCSF3
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
599b77f7e454d732e9a9a4d7d37d74dd865c9e5c72d9742603ab2a96a39dd7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48101
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 22:53:48 GMT
liveView.php
live.sekindo.com/live/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c309a67511f28109c762621629f323ffcde8099d90feeb5ae021d5b3987c5961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
e4Ja4F0oxzIceBm3vOD0a6ywQTNFFf2t6YhqoKD2Jgb-MWcVU4wJEA==
gtm.js
www.googletagmanager.com/ 		127 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N8NHQMS
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bc591b3b162cd6bf2d4e1d6df70a2f6abff089e33d351cda28eb869abdae0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48131
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 22:53:48 GMT
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 09:04:40 GMT
via
1.1 google
last-modified
Fri, 09 Dec 2022 20:54:00 GMT
server
nginx
age
395348
x-who
gcloud-web-1
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
expires
Wed, 20 Dec 2023 09:04:40 GMT
McCBzlz6OZWHS0KKGZbiYOm8Eu5JMwR_L5fGk0XLgzqqlNK4TY_fVzt5SQO-Fu5e6stC7cstGsrrfb380fIH-wp8t9_mf64=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/McCBzlz6OZWHS0KKGZbiYOm8Eu5JMwR_L5fGk0XLgzqqlNK4TY_fVzt5SQO-Fu5e6stC7cstGsrrfb380fIH-wp8t9_mf64=w300-h170-p-rj-l75
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e2f5f759ee35231a107b5ab90a9fcb7d75f2235c4c5e1e9e19292a3531d3435a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 21:25:32 GMT
x-content-type-options
nosniff
age
5296
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11632
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Dec 2022 03:49:03 GMT
6kNHIFMQVQNMCU0uZloRLLfqHDvcJAz1SfKa7tYFj6qkyHO0LS9wrU9muALgpT2JS9LzobSDDQ72Gd610HWB7E62NyylTQ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/6kNHIFMQVQNMCU0uZloRLLfqHDvcJAz1SfKa7tYFj6qkyHO0LS9wrU9muALgpT2JS9LzobSDDQ72Gd610HWB7E62NyylTQ=w300-h170-p-rj-l75
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
55b762d39ce985a90768f7cc9ead14ff328f23cbb446447412960a99a39824d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 18:55:09 GMT
x-content-type-options
nosniff
age
14319
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14777
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 22 Dec 2022 01:02:03 GMT
TxF3XyUeIi_4QX7xfT5cDUGOejCu5OBVueCY4iW59dMcORcw0QghhytwcTfPF0qzjnEa6z16jmWJxJqVkGds6OUJv6TpFQ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/TxF3XyUeIi_4QX7xfT5cDUGOejCu5OBVueCY4iW59dMcORcw0QghhytwcTfPF0qzjnEa6z16jmWJxJqVkGds6OUJv6TpFQ=w300-h170-p-rj-l75
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
55880fab2ee68a999f2e8c148dc8f5bec0097774e59ed3f84db5258323eab1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 20:36:45 GMT
x-content-type-options
nosniff
age
8223
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12941
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 25 Dec 2022 03:32:46 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/wp-content/plugins/doubleclick-for-wp/js/vendor/jquery.dfp.js/jquery.dfp.min.js?ver=0.2.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1431 / 844 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 22:53:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4866548-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 22:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1589
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 00:27:20 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyjournal.net/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 22:53:49 GMT
age
3308153
detected-user-agent
Chrome/108.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Wed, 16 Nov 2022 04:33:12 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
normalized-user-agent
chrome/108.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
liqwid.net/get/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid.net/get/?key=196A-5617-2B2F-5FBD&m=0&vg=3fc9b381-d234-43b7-bb7a-927431c2632f&vdt=2022-12-24%2022%3A53%3A48&tz=0.00&vd=dailyjournal.net&sw=1600&sh=1200&cd=24&vip=3644888864&al=undefined&cw=1600&ch=1200&u=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&i0=0&ps0=A&w0=1&h0=1&b0=0&d0=&i1=1&ps1=B&w1=1&h1=1&b1=1&d1=&tp=2&ex=&rnd=1671922428995
Requested by
Host: liqwid.net
URL: https://liqwid.net/static/main544.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca2bf2af3e1dbd0bac81699935d8c3ee8ba994087c096d5ae209af935cb5a19a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
18275
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Mon, 23 Jan 2023 22:53:49 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=40ade29aed415cd07c02cd098034eb4b_29319_1671922428856&tm=467&eT=0&widgetWidth=696&widgetHeight=34&widgetX=266&widgetY=6124&wRV=20101&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=262&oo=true&lo=2580&odbreq=2795&odbres=3056&cet=4g&to=1671922425944&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 22:53:49 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
04898be420d9cb43d8559f29482c1015
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/20101/module/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/20101/module/streamFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
04c890757507814058ae8a741acc075e24d1c0f22f4cf7ae0e5d9583a71bf2cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 13:05:42 GMT
server
AkamaiNetStorage
etag
"aedfc8e1b3bfe7ed71163c8e7872bedb:1671692234.646712"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13317
expires
Sat, 31 Dec 2022 22:53:49 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"65df986ae65cffdf92a926e7c42a25a8:1662969047.139727"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12268
expires
Mon, 23 Jan 2023 22:53:49 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1234524406&t=pageview&_s=1&dl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&ul=en-us&de=UTF-8&dt=Police%3A%20%E2%80%98No%20clear%20motive%E2%80%99%20for%20Greenwood%20Park%20Mall%20shooter%20-%20Daily%20Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=841437226&gjid=733213856&cid=1552943419.1671922429&tid=UA-4866548-1&_gid=1848441940.1671922429&_r=1&gtm=2oubu0&z=1848869545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
mv.outbrain.com/Multivac/api/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&settings=true&recs=true&widgetJSId=AR_3&key=NANOWDGT01&version=20101&apv=false&sig=QLbXiJs8&format=html&rand=36219&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fdailyjournal.net%2Ffeed%2F&scrW=1600&scrH=1200&t=NDBhZGUyOWFlZDQxNWNkMDdjMDJjZDA5ODAzNGViNGI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-&dpr=1&cw=696&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/20101/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15295fb4d15e6b05b37edadd3d0ad09bc2a5b663d98c3e25dd14cf314b70c7d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1671922429.101024,VS0,VE380
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21944-LGA, cache-vie6369-VIE
x-traceid
31868f582dc6d82862df1ab91420123b
accept-ranges
bytes
content-length
25175
expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		98 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dailyjournal.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebdc76da6a400031db745c82b73a3ee53065265545267e5b7b73d87d4410564d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:49 GMT
liveView.php
live.primis.tech/live/ Frame 3694 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0bac6c979e8502e6e90a4ab806d32724674f86f26deb1b9626a1be94282bc1ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
n1N_E43fbrm9abY-RxVVNlIykdnDTStOFjABBdALL0FqT0ImX-0G3A==
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 3694 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
x-amz-cf-pop
MXP64-C2
etag
W/"5e441350-4be0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
BppFXfqGcVxwCm4CzLzx2iREkcGt7-dh2YyQf04AUfw8AYM0tbLSOA==
expires
Sun, 24 Dec 2023 22:53:48 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 3694 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
MXP64-C2
etag
W/"6024fccc-228f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
QlSt7cEfmovCjKD1PARUKVHTIAx8Hrd2VvE1g79NRuoZvksQ8jwgSQ==
expires
Sun, 24 Dec 2023 22:53:48 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 3694 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
x-amz-cf-pop
MXP64-C2
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
ZGnITzBFchENiNEDKIpklYQOgrjk3huOeDLjafy3Bm1KJ5WUFtdA6Q==
expires
Sun, 24 Dec 2023 22:53:49 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 3694 		258 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:36 GMT
server
nginx
x-amz-cf-pop
MXP64-C2
etag
W/"623b1724-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
JeT-BSSv_S2wAfHK31otqD9prHIvecoVGWpLpkViH_wJsKfHFI6OAg==
expires
Sun, 24 Dec 2023 22:53:49 GMT
prebidVid.7.16.0_4.min.js
live.primis.tech/content/prebid/ Frame 3694 		510 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 08:19:18 GMT
server
nginx
x-amz-cf-pop
MXP64-C2
etag
W/"635f8506-7f9a4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
e2r7WwEsMyYjHI6vYAss1VUF5G8niPVXdbAc3Ckj5j56CvRtBnW-pA==
expires
Sun, 24 Dec 2023 22:53:48 GMT
liveVideo.php
live.primis.tech/live/ Frame 3694 		590 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103647&cbuster=1671922428884&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed1e58yrwjvosgt&vp_template=7898&csuuid=63a782fd18062&r_csuuid=1&cbuster=1671922429&pubUrlAuto=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
174923f7eb9793790997c78f0bbc127f6166d8f4916a425d3c4f090645863077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
TFXT-ndRWsU4MkuXl77-7veRX71EkKmfekaNElb0IInwUtDahoNSOw==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1671922429204&sessionId=f5d610bf-b4ee-6dd3-9475-2f0ff0d32abe&url=dailyjournal.net&cheqSource=1&cheqEvent=3&responseTime=668
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:49 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
ead4a1628e198ee6caaab790f70a8de2
Content-Length
4
Expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyjournal.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyjournal.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		103 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=286285056126034&correlator=4443197196461334&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=1052426%2CHNE-ROS-728x90-ATF%2CHNE-POS1-300x250-AU%2CHNE-POS2-300x250-AU%2CHNE-POS3-300x250-AU%2CHNE-BTM-728x90-AU&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C728x90&ifi=1&adks=851018243%2C1895674757%2C2940209228%2C423639670%2C3352909784&sfv=1-0-40&cust_params=UrlHost%3Ddailyjournal.net%26UrlPath%3D%252F2022%252F12%252F21%252Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%26UrlQuery%3D%26Page%3Dsingle%26Category%3Dbreaking-news%252Clocal-news%26Tag%3Dspotlight&sc=1&cookie_enabled=1&abxe=1&dt=1671922429274&lmt=1671922429&dlt=1671922427273&idt=1963&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&frm=20&vis=1&psz=728x0%7C324x0%7C324x0%7C324x0%7C0x0&msz=728x0%7C300x0%7C300x0%7C300x0%7C728x0&fws=132%2C132%2C132%2C132%2C132&ohw=728%2C324%2C324%2C324%2C1600&ga_vid=1552943419.1671922429&ga_sid=1671922429&ga_hid=1234524406&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01d97bed95d5b5dbdf2c2f8425fa750b22360df87c9a35a5b999743d03c088e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15912
x-xss-protection
0
google-lineitem-id
5594742679,5594767438,5594767438,5835603054,5594742679
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138371802750,138371730425,138337303151,138371612214,138337302059
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7866 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:49 GMT
expires
Sun, 24 Dec 2023 22:53:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
primebid623.js
liqwid.net/prebid/ 		292 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid.net/prebid/primebid623.js
Requested by
Host: liqwid.net
URL: https://liqwid.net/static/main544.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4caa1c1c23199b413a9928be0eee9401ad9f9eb666e82c61e65ddfc0c716b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
x-powered-by
ASP.NET
content-length
91586
last-modified
Thu, 04 Aug 2022 19:35:05 GMT
server
Microsoft-IIS/10.0
etag
"80bad4c39a8d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
MXP64-C2
etag
W/"620367f6-465a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
8tfdo4gSx_7PQgET5mlAj0c-QSNAuFPqGFNWn_3aymfkBQs903I5VQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3694 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:17:19 GMT
content-encoding
gzip
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C1
age
2191
x-amz-server-side-encryption
AES256
etag
W/"01691be6486b0003601b7299d35deebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
POqJ6LS9hS_4WCkosRTyLY67C4KmEw9LPs9r7HOxJSMjgtYcym-J9w==
css
fonts.googleapis.com/ 		1 KB
432 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:41:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 22:53:49 GMT
liveView.php
live.primis.tech/live/ Frame 3694 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM0ZWZzZzVuYwRwMmtmMTp2OTAmNS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx5HVz1noVcfWVqJMFy6TTRNrxUmTzceq016VXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzN4T0RNrU9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56SXqNnzfmT0RBS2ZRLxfkQVb2UXNlp212RmZnYUcarEuapVq1OXp2VaykQ3UgrEJQOXy0pmYjRUEzqzyxX2NioaRyoaRsnWQ9MwYjMTQ2NvZ2nWRsY29hqGVhqF9xZXNwPVNcoXBfZSgIo25yrSgCYWkmYW1cYlgHpzyfoGVxK0NbnWNeZW4zqzyxX2NioaRyoaRsqGy0oGU9U2ygpGkyK0uiozV5K0JuoHNuoWywK0qlnWkfZWQeQ2ucY2gyovZ2nWRsY29hqGVhqF9xqXJuqGyiow02MvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp3NwtzrD0mMDAzrT0lNTAzpHVvVXJfPWu0qHBmJTNBJTJGJTJGZGFcoHydo3VlozFfLz5yqCUlRwIjMwIyMxYkMvUlRwIkJTJGpG9fnWNyLW5iLWNfZWFlLW1iqGy2ZS1zo3IgZ3JyZW53o29xLXBupzfgoWFfoC1mnG9iqGVlJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmU1RwMjMmA3RDqCNmMmMTM0MmImNTM1MmMmMDMlN0Q3QwQmMmUmNmqEN0I1MmVBNDp0NwpjNwI0ODZDNmE2MwMmNTY3OTYlNxQ0NwpmNEM2RDM1NxM2NDQkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmMmMjMmA3RDqCNTxmMwM1MmA3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2EjMCUmQTEjMTEyM0FyMWVyJTNBMWJyMSUmQTI0MTtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOC4jLwUmNTxhMTI0K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzNmqXVcZD02M2E3ODJzZDE4MDYlJzNvqXN0ZXI9MTY3MTxlMwQlOTQmOSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f91c94e6e337e7c7648a0f1446b6c8d8793a7caf071c97428aea8417c3c59237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyjournal.net
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
3823
x-amz-cf-id
gtXuKnDEZ2zHJglJVpc3lCft-3W73j-_pQf1GeDBjsJmFaCsaAQZmw==
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY3MTxlMwQlOSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAmNwQ3JaN0YT0jJat9MmAjJax9MwUjJaZcZF9jYXNmRG9gYWyhPWRunWk5nz91pz5uoC5hZXQzp3VvSWQ9ZGFcoHydo3VlozFfLz5yqCZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmU1RwMjMmA3RDqCNmMmMTM0MmImNTM1MmMmMDMlN0Q3QwQmMmUmNmqEN0I1MmVBNDp0NwpjNwI0ODZDNmE2MwMmNTY3OTYlNxQ0NwpmNEM2RDM1NxM2NDQkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmMmMjMmA3RDqCNTxmMwM1MmA3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTIjMDEyM0FuYmtyM0ElMCUmQTNuMDAyM0EkMDEkJTNBZTFyZSUmQTFvZTEyM0ElNDE4JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjOC4jLwUmNTxhMTI0JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02M2E3ODJzZDE4MDYlJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NmE5MwI0Mwx0MwxzqWyxPVNyn2yhZG9TUGkurWVlNwNuNmtlZzQ0MGQlZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrWciqXJhYWjhozV0JTJGMwAlMvUlRwElJTJGMwEyMxZjo2kcY2Ugoz8gY2kyYXIgoW90nXZyLWZipv1apzVyoaqio2QgpGFlnl1gYWkfLXNbo290ZXIyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
Sjh6hW2X6mNv9LZWrF33JuJDaRESsa2g5MxQIdDOx2G2PiyW4oCIbQ==
vid634efffeab4c3831769035.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.jpg?cbuster=1666121734
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
604bec16dd716734f9eba46afae7d50910397838d46784c95133182052261922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:32:37 GMT
via
1.1 5e95d2e6aebe43cabd9dcdad89ad0a42.cloudfront.net (CloudFront), 1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1, VIE50-C1
age
58871
x-cache
Hit from cloudfront
content-length
21067
last-modified
Tue, 18 Oct 2022 19:36:35 GMT
server
nginx
etag
"c8238e50f77b9111134d2058effb9a25"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
f7XaFhyiISaCsG3gRed_QlEjkgUPhf5uKVnoBU2GrhNH9HzH9sndcg==
expires
Sun, 25 Dec 2022 06:32:37 GMT
liveView.php
live.primis.tech/live/ Frame 3694 		103 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM0ZWZzZzVuYwRwMmtmMTp2OTAmNS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx5HVz1noVcfWVqJMFy6TTRNrxUmTzceq016VXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzN4T0RNrU9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56SXqNnzfmT0RBS2ZRLxfkQVb2UXNlp212RmZnYUcarEuapVq1OXp2VaykQ3UgrEJQOXy0pmYjRUEzqzyxX2NioaRyoaRsnWQ9MwYjMTQ2NvZ2nWRsY29hqGVhqF9xZXNwPVNcoXBfZSgIo25yrSgCYWkmYW1cYlgHpzyfoGVxK0NbnWNeZW4zqzyxX2NioaRyoaRsqGy0oGU9U2ygpGkyK0uiozV5K0JuoHNuoWywK0qlnWkfZWQeQ2ucY2gyovZ2nWRsY29hqGVhqF9xqXJuqGyiow02MvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp3NwtzrD0mMwQzrT0kODIzpHVvVXJfPWu0qHBmJTNBJTJGJTJGZGFcoHydo3VlozFfLz5yqCUlRwIjMwIyMxYkMvUlRwIkJTJGpG9fnWNyLW5iLWNfZWFlLW1iqGy2ZS1zo3IgZ3JyZW53o29xLXBupzfgoWFfoC1mnG9iqGVlJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmU1RwMjMmA3RDqCNmMmMTM0MmImNTM1MmMmMDMlN0Q3QwQmMmUmNmqEN0I1MmVBNDp0NwpjNwI0ODZDNmE2MwMmNTY3OTYlNxQ0NwpmNEM2RDM1NxM2NDQkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmMmMjMmA3RDqCNTxmMwM1MmA3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2EjMCUmQTEjMTEyM0FyMWVyJTNBMWJyMSUmQTI0MTtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOC4jLwUmNTxhMTI0K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzNmqXVcZD02M2E3ODJzZDE4MDYlJzNvqXN0ZXI9MTY3MTxlMwQlOTQ1NCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5d3c1999b25460e0b6614228fb8dc3bc750eb9fa833dd74d6adffa3cd1b4e57d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyjournal.net
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
10780
x-amz-cf-id
77swJCNsLkDMiFA9492qyQe1W7YS0KwxQqdqF-wmeE70z5qcOpmOFg==
liveView.php
live.primis.tech/live/ Frame 3694 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTMyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNwM0ZWZzZzVuYwRwMmtmMTp2OTAmNS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRZrx5HVz1noVcfWVqJMFy6TTRNrxUmTzceq016VXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzN4T0RNrU9EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56SXqNnzfmT0RBS2ZRLxfkQVb2UXNlp212RmZnYUcarEuapVq1OXp2VaykQ3UgrEJQOXy0pmYjRUEzqzyxX2NioaRyoaRsnWQ9MwYjMTQ2NvZ2nWRsY29hqGVhqF9xZXNwPVNcoXBfZSgIo25yrSgCYWkmYW1cYlgHpzyfoGVxK0NbnWNeZW4zqzyxX2NioaRyoaRsqGy0oGU9U2ygpGkyK0uiozV5K0JuoHNuoWywK0qlnWkfZWQeQ2ucY2gyovZ2nWRsY29hqGVhqF9xqXJuqGyiow02MvZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp3NwtzrD0mMwQzrT0kODIzpHVvVXJfPWu0qHBmJTNBJTJGJTJGZGFcoHydo3VlozFfLz5yqCUlRwIjMwIyMxYkMvUlRwIkJTJGpG9fnWNyLW5iLWNfZWFlLW1iqGy2ZS1zo3IgZ3JyZW53o29xLXBupzfgoWFfoC1mnG9iqGVlJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmIlRDMkMmIlRDMlMmU1RwMjMmA3RDqCNmMmMTM0MmImNTM1MmMmMDMlN0Q3QwQmMmUmNmqEN0I1MmVBNDp0NwpjNwI0ODZDNmE2MwMmNTY3OTYlNxQ0NwpmNEM2RDM1NxM2NDQkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmMmMjMmA3RDqCNTxmMwM1MmA3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzymQXBjPTAzp2Reqw0zZ2ViTGF0nT01MC4kMDQ5Jzqyo0kiozp9OC42Mwx1JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2EjMCUmQTEjMTEyM0FyMWVyJTNBMWJyMSUmQTI0MTtzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOC4jLwUmNTxhMTI0K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzNmqXVcZD02M2E3ODJzZDE4MDYlJzNvqXN0ZXI9MTY3MTxlMwQlOTQ1NCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5db751d6d8ca9a4e84cdacdce89beedafb090e9a34beaa97f2e84b55f0191825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:48 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://dailyjournal.net
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
3830
x-amz-cf-id
Lh2vgY31Sw1AHtwb2Flf9LzUYCMGsld_3BTGoX8MbTkEkSNWxhh1Kg==
container.html
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0646 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:49 GMT
expires
Sun, 24 Dec 2023 22:53:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2529 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:49 GMT
expires
Sun, 24 Dec 2023 22:53:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:49 GMT
expires
Sun, 24 Dec 2023 22:53:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F6E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:49 GMT
expires
Sun, 24 Dec 2023 22:53:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:49 GMT
expires
Sun, 24 Dec 2023 22:53:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
loader-config.json
cdn.wgchrrammzv.com/prod/aim/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/aim/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4889) /
Resource Hash
b814f0a38089e65792d81ebebe5cf291889513b3b83251d12888038fec77c389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
content-md5
deRsxwHWUaXcQZwtkfmE9g==
age
41246
x-cache
HIT
content-length
1272
x-ms-lease-status
unlocked
last-modified
Fri, 04 Nov 2022 07:23:58 GMT
server
ECAcc (ama/4889)
etag
0x8DABE358A1EA44E
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6931ed9d-a01e-0065-2d8a-1759fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 3694 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221224
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
297f9ba17399952c1c714755f4e3a2b00b4ca7a911cf24533c26a3039b323700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
24781
x-jsd-version
1.0.1566
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
916
x-served-by
cache-fra-eddf8230021-FRA, cache-hhn-etou8220041-HHN
x-jsd-version-type
version
etag
W/"66b-Za0NOhqUsqdyNOVkqe6n6NFrtgU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 3694 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyjournal.net
date
Sat, 24 Dec 2022 22:53:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 3694 		67 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1671922429604&pKey=1875861362&_fw_gdpr_consent=undefined&_fw_gdpr=false&schain=1.0%2C1!primis.tech%2C22235%2C1%2C%2C%2C&loc=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&playerSize=324x182
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.136 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-136.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:50 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://dailyjournal.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1671922430013011-346
Expires
Sat, 24 Dec 2022 22:53:50 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0646 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
336195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0646 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e8420aa229279ff8a089ceea7fce8f38b564b4a4e76bc42db020656f096d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Origin
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49349
x-xss-protection
0
server
cafe
etag
2487146356440715004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0646 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:49 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3694 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
date
Sat, 24 Dec 2022 22:53:49 GMT
x-amz-cf-pop
FRA56-C1
age
70614
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
OWrjhr58_rhT9vvAC1xYJ_8VAiRXS_nA9h0AJF6ri_EFQqhoUN27Ag==
reel.js
widgets.outbrain.com/nanoWidget/20101/module/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/20101/module/reel.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
adbf5a09596466540d860653fd54fdd745f8be9bdb2f134c8581ccf294be6490

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 13:05:42 GMT
server
AkamaiNetStorage
etag
"d7a87788314c0cd82fec61f495072a05:1671692232.136434"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8726
expires
Sat, 31 Dec 2022 22:53:49 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=622d37f41a352fa540fa87ade5127449_29319_1671922429285&tm=1112&eT=0&widgetWidth=696&widgetHeight=464&widgetX=266&widgetY=6170&wRV=20101&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=583&oo=true&lo=2580&odbreq=2795&odbres=3056&mvreq=3115&mvres=3699&re=3703&cet=4g&cs=2&to=1671922425944&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 22:53:49 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
7ce7794b7623b1b013ead3da7601a350
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 13:10:44 GMT
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA6-C1
age
34985
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
aY2U35hPE1WWP6fJ3j0ctzBoAh49YRBHR1mdDa4viVzgzf3rGc6Wvg==
expires
Sun, 25 Dec 2022 01:10:44 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=61db144c25b73a8918f10b71ee98ee40_29319_1671922429408&tm=1117&eT=0&widgetWidth=696&widgetHeight=304&widgetX=266&widgetY=6669&wRV=20101&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=583&oo=true&lo=2580&odbreq=2795&odbres=3056&mvreq=3115&mvres=3699&re=3709&cet=4g&cs=2&to=1671922425944&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Dec 2022 22:53:49 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
b8efb37271940d03ccecc093e390871e
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2529 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
336195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2529 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
923d4d99322d6f9a2facf7f5b0ef84fd60b78ad8bbe9a661cdf96fbaa452be84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Origin
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49486
x-xss-protection
0
server
cafe
etag
12059740199929288039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2529 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:49 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 84B1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
336195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 84B1 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25692ae2b409da991755db64d75d32a4f633da2fd6091b0b6972478207423278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49425
x-xss-protection
0
server
cafe
etag
5571918862282784650
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84B1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:49 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 04A6 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
336195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 04A6 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b26f68473dc7cb519d4da644dc50fb9660a56fc04bc4898a560e6d47fc69852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49426
x-xss-protection
0
server
cafe
etag
11102265337347373581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04A6 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:49 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4F6E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
336195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4F6E 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c33ae8cab8987ee8893e77198bec2a0cca5a780a6f44a9cfb4c992db0332e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Origin
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49350
x-xss-protection
0
server
cafe
etag
16986275910155216136
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F6E 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:49 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158432/2294/ 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158432/2294/pwt.js
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
130ba376473d5d739d0b0ac0f0daa9a16a8388bba60924cb546b1dde75353443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 00:01:56 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=153060
accept-ranges
bytes
content-length
66734
expires
Mon, 26 Dec 2022 17:24:49 GMT
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=23992920000977576912178225582290247988392120168326690516778713218889&nc=0&tsf=0&tsfmi=&pv=0&cb=1671922429892&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1718242951&at=&bid=e30%3D&di=W1siZWYiLDM2NzldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6MTIsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMDUx%0D%0ANjk0MDg5LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCI0LGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJI%0D%0ASkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9y%0D%0AODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIl19%0D%0AIl0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMTk2NTYwMTk2NTYwMTk2%0D%0ANTZ9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0x%0D%0AOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTU1Mjk0MzQxOS4xNjcx%0D%0AOTIyNDI5Il0sWy0yMSwiUUxiWGlKczgiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjozOTYwMDAwMCxcInVqaHNcIjoz%0D%0AMzEwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuNSwwLFwiNGdcIixudWxs%0D%0AXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAs%0D%0AMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIs%0D%0AIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjcxOTIyNDI5ODczLDBdIl0sWy0zNiwi%0D%0AW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDQx%0D%0AMCwwLDEsMCwxNiwzMCwxMzQ3LDExNzAsMCwyNDM2LjgsMjQzNi44LDM5MzAsMzkzMCJdLFstMzks%0D%0AIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGws%0D%0AbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3%0D%0AMjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCww%0D%0ALDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3Jl%0D%0AZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDU0XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A266%2C%22y%22%3A6124%2C%22w%22%3A696%2C%22h%22%3A923%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=cW4kDUayrd&sdd=%7B%7D&pto=3949
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f9df32106edf1999a1c86c9b9ad48982c6bb443120e9d5fecc0d5f59cc4daae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1581
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1722
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3e73b89e-e01e-0010-40e6-1728a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 24 Dec 2022 23:23:49 GMT
fp.min.js
cdn.mircheigeshoa.com/prod/aim/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mircheigeshoa.com/prod/aim/fp.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48E1) /
Resource Hash
678ba3b30abc8363927f1f706435fb1502722a2525007767d05b1b5a8652f13e

Request headers

Referer
https://dailyjournal.net/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
content-md5
vU8nkZRNnn2OJ2o2PJ2Q0g==
age
40554
x-cache
HIT
content-length
20554
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:05:49 GMT
server
ECAcc (ama/48E1)
etag
0x8D9040DC86AC51D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
44fa4ae4-d01e-0050-0f8c-1735ee000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
cdn.godiciardstia.com/prod/aim/ 		1 MB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.godiciardstia.com/prod/aim/g2i.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4892) /
Resource Hash
10ad0b3f5cb38dd38efaae7ca5c57e749a1de1cceca0ec7c624fe7694c3165f3

Request headers

Referer
https://dailyjournal.net/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
content-md5
G1E5O/OQn9v6w9QRkeLVTw==
age
3957
x-cache
HIT
content-length
220944
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:05:19 GMT
server
ECAcc (ama/4892)
etag
0x8D9040DB6AA77DB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4102268d-201e-006b-2ce1-17704a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.pranmcpkx.com/prod/aim/ 		645 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/aim/t8y9347t.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4883) /
Resource Hash
a7d3d8d999842caaafb220f354faaf24ba4cea98cc890ba60b43d557afa21481

Request headers

Referer
https://dailyjournal.net/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
content-md5
7c5vYUXtWXqvyLy/R14QHg==
age
199853
x-cache
HIT
content-length
137741
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 07:09:29 GMT
server
ECAcc (ama/4883)
etag
0x8DA528BD16893B2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0179e3a1-e01e-0039-4b19-160ca2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.pranmcpkx.com/prod/aim/ 		341 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/aim/t8y9347t.min.css
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/aim/loader.min.js?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C7) /
Resource Hash
1f0b3805ae7450b7f469a3ad8c3a1e5307a1b83c927544b120ff0b6806ce14ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
content-md5
kGSDiPpCwSzBM1fkzrZH7Q==
age
3957
x-cache
HIT
content-length
34515
x-ms-lease-status
unlocked
last-modified
Tue, 20 Apr 2021 15:06:43 GMT
server
ECAcc (ama/48C7)
etag
0x8D9040DE8AE073D
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
0024188c-801e-002f-57e1-17fa75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
view
securepubads.g.doubleclick.net/pcs/ Frame 0646 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvLHzqfeppEsohmhGXUtjfT2saNQ-nbrTWfd2Yes5AWPhRVuUp4D5XM8JuOiBr28lZCafVZeRSVrVbwmZ3VWEZw8ZgBj4T8mfC5DRfHBGR2-sV93TNPiZhP69sgd2YcZ4KoADp7Tnzm7kE_3dYMcU93b31BWEr9DQmR2kcF4_18LnKBFoudXOD1aMd-E0jF2vHfXaojISHKlrO7XjPcNRyvnlDXJWy6-J_q9H5sdmoxQkAHVEBHrmNKNlCsAnaB9_a1TawG7SVaV9DFTk8IFEVo3mGK5MbihBL-uwZXz_rVaHS3B8oZOGvQSTMJNZdOTUr4u_PgU8&sai=AMfl-YSE4PSHk3To8n4d1ce3zX0nsS1VJWANronKeJGuPpQKu-oSRf_7YmBcXORcUuKPWi571QUZ_ixMCIUaweLK5_PXOGkq4KRRmWppzykKrKa0g4FN31jnU-VNCeb4leT7LdVTUTOZJPJEG7F2Oz9n6EU&sig=Cg0ArKJSzMVNkTMZR9SREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2529 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOZ-987NXiViXcI3yK5DCQKF3r5fzoaWOvBS8pPyDKHm9GsrOQ6S2i7E9QUtpeBIr-933gndEVleI_TawhWevZXUW0OXuJwv3QX3PMF9rdt6hXd9PIokrInXl-TIMNvzLJVpIdBsJee0lSfInyKwcSMJWEVupwXRLvWobkGI-J0pkhVKPWECmMTLsjijydAm7-adIKqm1gtIvt4oyTJ4Qoom-2GMDt2oKiGEBUHdoZd-IPfxYDThe50lEChHwjs-T7BtHXMmVVJ-y80k86S8JHjhsD5TmFakaH2tBSiQ4LEuxFkOebQj03NqiMKkN4MClFLl3cFe8bqsGgSA&sai=AMfl-YRAIC6FTwRfMtPtOWcYV7BDzPdY9lBv1xOc30i-ysDCFL1rx3BeTRAK1K-mpyNELpOC0sM0sTIxWFzVqHHAeKGkkILhJJ8oSvOxpJqiRMVutbnWqQL9ipwV0tqMMF0N3pFcjdjUAZmK-hZGbpKl9_w&sig=Cg0ArKJSzH34mP5rMYqIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 84B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxFdKdj4ShYVfsNbI-UZv6aW76BXYQwfrAd84xID7VX-FhsQgBlKoVmenqGLNnob1s-6DLUjLi_Mo2E7f1VcwlYE7kzlyNL1E_TemjM6t1H97yBpruFtQ_Prs2kGdKlKAAA235xJw5SfM9CqWhk8B9NvF0hyBgaqblNu8BoRhe5SILZt1P6uARfpIJSmpX3hPLB4I5DTkgmtCPQxXTJYc58mdYE8deAbq_6FX-HwkurYakD3hjXzcQBNuuK3Lx-nag2LJaQyhe6QDV31yxJbPyB0AML1ZK8jVtkqb8yLqmVD8Peamkm1sb2NTnNCF4iJD09PhAAA&sai=AMfl-YSwpf9QK1WRkYUwvHlj3QXk5jIsXxF_Q4PoVxkNsbXEvnuZrpOHWgpMg49r-VjVspoL6iVj2vVyt_Z3JGpKl5kqzSMXXe9E5g6YLbPpqrADvJnVlRYHPHIY1poSFeo9gBMooTWxFBU44RGUiKJf-4E&sig=Cg0ArKJSzI4pPnYRLx1oEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOvs8t0RjcLRd-c0KpmW4CorLcn285aVil3gLFxOtoo2G-GofLThMQA1kahFtZoMycD0IQ6eBW8eYQ1r73gHDJ-fkDUyi4K9l-pbmoDOnkau9X-2vrzmoVYSAuhk0oHJXcfv_QnRYR7nS2PUI8i27yj_wMM4ZJszrYlHLjESSInnM_uh52FU-f3PLXC8qpof2d1wf8uGeDSzW-QhTYi0sgKVK78JIuE2FIW4xBpEfPB5-qxgi0ErPSZppZxR3KoATEsVdn8j5LrbPatGDmIFCIwe3IBckqyeSwFxo2Iq2qy3RpJ79qCLncKHJKSYK_UYKdj7eXwGPZzbzQDg&sai=AMfl-YQIkjUZwAMZj9RXVkn6HnWdpLMG9PnnKVD05c4mCa80J5xBgxFVuIFTjICC8UV_qySLF5v5F2PmFu6M6BzLxgokpPbefDUSLwN_nQwiMb8dDle8YwqzU8WXUTbpeHkBdgP0XyKLJ8R2bUtFfTfPYd4&sig=Cg0ArKJSzM78l3q1LIaQEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsGbxQ4a_vmSqKy3s2FQKd7ntJ6FiE76-_Oj_oo8WVc3v2jpUTJ9IK5G-Q_WiX8O93DLV7wJQhSomgPWaHa8ZfmynXgQchg3ww5kxVe-h5rmvbOmu4R4yItXAx5uMj7Oi2NLIf-x8oi1UHfhaO2hhwxVIHuHIwg-Zf0K21xEr7oMALH3rcxwnMjHYsmIs5ioVQSMDZ9DKW6aDqBY7cIy0CJbDK6-moJvaTxSaLB-hlrrGYfZ1xcM_H5CRNjCsKWnTPc1roKw28p8Oj-5TG_MYNjUSWDAGx5bW6iF1mX3yDsRHcTS4pl6SirNrpQiZfqVHlLEersunD6s6ipw&sai=AMfl-YQYETVYpOQfvzG7uQpqLwUJLty5lzUDfTi9AdS31OQCz-_4Y5tffM3Zbx_k9whqo1JAkpYBfSf1UQv4Z7nORNhd3_1K8S2HMben3iAHA23xehuS1JttuTUT89FQPNDz2owY2ssJjYXOwzinB9Ju4VA&sig=Cg0ArKJSzL0VwOGR6mNWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
URL: https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:49 GMT
truncated
/ Frame 0646 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c3925299095c7aa43f759bdf6a79f8ab8130b48d12315379aefa9e3675387f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 0646 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66a591e6ad8c4120a0d3072f2d5b2737431b1e2a3de9d47252c4107075256338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119959
x-xss-protection
0
server
cafe
etag
2107219325280740870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame B6B1 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 17:24:04 GMT
etag
10353107486223812946
expires
Sat, 07 Jan 2023 17:24:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ Frame 2529 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eedcf6cf1ce6696a1dd8f00f8c017c326dcdee28aebf8ce80201ca0e07dfea98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120019
x-xss-protection
0
server
cafe
etag
7652085309299322291
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:50 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 84B1 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8c5e1611f7a635693f2aec2d6ec517077d01e23333f7a9cd3c6b7cec5387187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119970
x-xss-protection
0
server
cafe
etag
5985312425400008706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:50 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 4F6E 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8560941387472259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
099f7bd7eeecadbaac06271857ca7ed29a0c4ab338b7ec6bc89170c506f4629d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119959
x-xss-protection
0
server
cafe
etag
7087561380695782875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:50 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame 04A6 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119970
x-xss-protection
0
server
cafe
etag
415296433009820858
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:53:50 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQ5JaNypaZypyRcoWU9MTY3MTxlMwQlOSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAmNwQ3JaN0YT0jJat9MmAjJax9MwUjJaZcZF9jYXNmRG9gYWyhPWRunWk5nz91pz5uoC5hZXQzp3VvSWQ9ZGFcoHydo3VlozFfLz5yqCZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2EjMCUmQTEjMTEyM0FyMWVyJTNBMWJyMSUmQTI0MTtzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA4LwAhNTM1OS4kMwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmYTp4MzZxMTtjNwIzqxygpE9jpG9lqHVhnXR5TXVfqGyjoGyypw01JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NmE5MwI0MmAkOTMzqWyxPVNyn2yhZG9TUGkurWVlNwNuNmtlZzQ0MGQlZCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZxYWyfrWciqXJhYWjhozV0JTJGMwAlMvUlRwElJTJGMwEyMxZjo2kcY2Ugoz8gY2kyYXIgoW90nXZyLWZipv1apzVyoaqio2QgpGFlnl1gYWkfLXNbo290ZXIyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:49 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
r5MO0rNFXW5LnMUJag5b9kMAe2z_8oTgmB6C64tfdx1OXnPL6izVrw==
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyjournal.net
date
Sat, 24 Dec 2022 22:53:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
92
server
envoy
vary
origin, Accept-Encoding
cygnus
htlb.casalemedia.com/ 		36 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=576422&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2258961775c5b588%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F%22%2C%22domain%22%3A%22dailyjournal.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dailyjournal.net%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226560f091c9e0a5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22576422%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22576422%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22dailyjournal.net%2Fdesktop%2F300x600%2F14810%23Liqwid_board2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22liqwid.com%22%2C%22sid%22%3A%222147483261%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221b93c3d5-24e0-4735-8213-cd01b29401fd%22%7D%5D%7D%5D%7D%7D
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720baa9eff8805410ccd9c890c2824dcf2cddd6c71b3c83247e109781447ff61

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DteVGLtouBA7uNVfm%2F6DwylQIuJtVEYlL%2FDaphPvMPJtbT1QU%2FM1gdwQ4kqZnS4NuxIiENcVg%2BTuyDjh6RjISlKmDw1ThEQlzVf0ZHuQyhjDb2Q8vC5w80cfltEH2Jb3jgT2mzb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77ecea551fca9223-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyjournal.net
date
Sat, 24 Dec 2022 22:53:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		546 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23994&site_id=404394&zone_id=2264834&size_id=15&alt_size_ids=10&rp_schain=1.0,1!liqwid.com,2147483261,1,,,&eid_pubcid.org=1b93c3d5-24e0-4735-8213-cd01b29401fd%5E1&rf=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&tg_i.ref=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&tg_i.page=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&tg_i.domain=dailyjournal.net&tk_flint=Lpbjs_lite_v6.23.0&x_source.tid=180334ec-c351-4c0b-8b27-2ebc4f5811ba&l_pb_bid_id=10d784e6011ef9b&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&p_gpid=dailyjournal.net%2Fdesktop%2F300x600%2F14810%23Liqwid_board2&slots=1&rand=0.043773816273112276
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
145b9300585410515634beeb62db5dc6012333eea0bd15f9366664d23c69ed90

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dailyjournal.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
546
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU528VIH
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b5aa4d38c4c23fb29b07d54a09be94d5511c08ed6da8031cd05f7dfd8af6f852

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dailyjournal.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 24 Dec 2022 22:53:50 GMT
truncated
/ Frame 2529 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19f9682fb20961e6072884fa425f6bcedb11d8f1713672c1d8383d1f0c4f70ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 04A6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa60c909b4ad7987872b6a5a7e780eb3d21e623fce972b19fffc59dda8ddf65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 84B1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28fe630177ad7879c4692819037371b0ee31a4aa938bd53d5101a615095c7246

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4F6E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52aa6f281fccce6611fffce416a92383e9932e8191f6e54d116b6d4cb8639dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		540 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1671922430336
Requested by
Host: cdn.mircheigeshoa.com
URL: https://cdn.mircheigeshoa.com/prod/aim/fp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0897b7f874ba8ce4cce86610dd2645fad001172555b89e435391901648ad6a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 24 Dec 2022 22:53:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IC0dSz2FuRgoiy26Z15Bqj216SdM3kir4EkCVECS7HU7cS9G%2FC%2BCRliQ37Kycg9L788bs0wRWyAF9rOIL9zfFghVvhfeYG0sKHm4sk197gpltzB1%2B%2BYB23Vx44zy3y0DKkVh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
77ecea55c934912b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
view
securepubads.g.doubleclick.net/pcs/ Frame 0646 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMLlubrQH0Uq7qDsJLA3olhNwD1d0IZ3VGRAFRmFuu1c4RD02oJ6Ecqn40MkmyLf_D4G39ON4t40C1WYcb3C7UhAFqcjdf37rMrD-kdRkdYMxmpmOHlGeci1K51Aes0HtMd69mk_q_qkFeSbIKp612IFx2EaMZzebVYYQS9yQz0ZyMfnfsJgPlSMlhVlvYk-9nk2L6FkDO20et0RRliei_t0Jq71APIhH8YK0P-ZXb7lQhVBrhuxSkrTsf9lbKaqqTdyuBxN8T4zyRTDfpy5_lzTZPezqkXetGFWjZHBpjIDoraedbsXrekvPTyV5HYhGwecf1FdSmzQ&sai=AMfl-YTg_hdWNTcKmUvfjxKrL5qLFILopxdKwOWlC3y6Qmwm_SFmITMxC1e0YnPiiTLw74tbby7LK8yhiTXg9Raa2ZDadve40FBvoYrepkZOTONHxM7TDOMXgo0moeeEeV9lNB_KdO0U2XOi4iRD_409lMc&sig=Cg0ArKJSzJ0Y7eQ27ZYCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:50 GMT
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136defce37e843899d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65337fd78afe6d4e3474cec498fbd38e820db619151d0502aaf7f50f81e44002dc35b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1008f77f6aab951d7aefdaff64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0eea287eab74f2aa57ab0bcfa7d5036b4d56493e511e1164f55820e0f82d9d59d81b2c527df21d6deedc85ec54d5814aa5f0ddb93ca1c7785ba74ad55b3c2169124f47d451b52c835ea5c86c7aa25e2836cc04da7c19ccc7780191c2dfb5d1f5d654173d0bc6fb74b98c08032e8ce37adc06189d2a4ae2ec2a2ea516d7f8fa6524994b6075d01e4a3ed39e063dcbf41b9bf6caf2be264c00d934b88fc21874b65bfb3cf3763637d4072540353ffa3937ece10e3105c4928e4a60d8ac95b53a0aad5bba07e80b1f6f6edf9b3ec4a4d3be74484b0456d804a7906d1635c6d71f07bab6a04c1edc57f9763d12597b62acdba6085695c332a1008668edcf6892e7154860a00c4c1d3bfacd81050dcf6e83fe59036259c8b4c6b7bf3d59b1374ab35c61f8d10e372&cb=1671922430458&cri=cW4kDUayrd
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 2529 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSUFyVZ_Hs2_S9Uwoojd0ssgHz0ud_p-6NZVp1dn8gg7uIMgGsQVJZcLG-LINy8TlUNEw8q93SP0OIaZjoYD1ydJNmpJv5SBDXqVulliFynHdwZU7G9jMDBP6M0i4Ra4kWCBNMJm5UDoJf7oTF6sgHEG6xODHzN8ziJ5n9fCMG7qhSgpRqLrz1fDyaQtdOWPi55n0y6e1KfZG6Oa2vY621EHfRhsho-A9Y70mbXb9CbXF9uzytKtbr5Zrb3T6SMzvR8NgjY9UMH6jPF5UTeh63gDNmk43m3VpbRKGcq4Ip736RkYaD1frMd_TI6G-OPOEKDKAGMmT3T4aXZcBq&sai=AMfl-YSjLApAF62CYyJbmWee-ZCz1HKk0bss4FKl6Qv9cg7GGXNO1V-ws5-Bf-jdkg8vR8jOgy9ROrrCHq6oc0kPWC2lc1B2Q_f66Kj60R7u7oPWxz7iMJekouDii20zvXd7I258J8vQwuu2lj871wQkn94&sig=Cg0ArKJSzA3TugueGMxzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:50 GMT
integrator.js
adservice.google.de/adsid/ Frame 0646 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0646 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3397 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&adk=1812271804&adf=3279755401&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922429973&bpp=3&bdt=427&idt=370&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=7747638681055&frm=24&ife=3&pv=2&ga_vid=1455683657.1671922431&ga_sid=1671922431&ga_hid=1926518708&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1155052577080655&tmod=344034424&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.11u5mae1v6s6&fsb=1&dtd=567
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0646 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84e63f1e22257b913359f37eb2f64a6c854702e02abe1801e878690690a9a0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11108
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 84B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-OQ1nDwMN6zLxgTiLAJusblpq11ThTTK8cXQZ_zWiBAsQednJnQWkDLlrZRWWWK62n9kExrk7MJGrsmPeSIDgmIZE9VyGnqYlcAIBS9ivNjwfC0uL4ayGhm-INa3j_OCzz4FBjUKlYaqzQKKTdUSS6_kINGB_ByaORBBMZPj6QtjQyEoqjBLInjm7RnOjFeYFhIBbOK03lHmiMfvEntR3d28Tg-SXhhjExqRW0zdrDXb4m0HM2ldTBjAtAjKuxZl37e5ms_zeZGmkYcbeNHFhe2Ia6wzbS2yUQaYMZZm2TnPDpz4ajpJty-Q2HpaOSn5Nj3UAD31p&sai=AMfl-YQXXk2hM9lTvwsYL9FkFV4_Dn1C20BAwz5jUNtkDIshfLgQnb4gM_lxApldSbo5Npi8TksprdfUruH6cJggbWtFMYEeHwfFJuYDqnCAmPgpYrdm6Fk6kUmr3CN1Z5UM19UDBd4vTz-D4KKWh6ZHgJk&sig=Cg0ArKJSzGqK68DQhaIREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F6E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQsCfHpC6dy1FIFW2MbgagaxCVtBqw2iCRx8td--e3pf8JtunDNFDHRrdFBAidrtdD16PfFEaV3z3oO_p_jvXsLSIf0DHkuRNVb0jafjEHsrnMe0KeDlC26L8OWpLBvwGxk_HqWG3iPg-BtXukbjSlt4X331i7DIwqV-_AxlN6Sp_V5jv_oOOXdg2zmJlqNpNGl26DgqkFubCQiF98SHmLdA5G9F0rmVf0iPSKrriRs0OnvnBgdly7vONGw9rJ1z7owisvZyBuFT0-25Bl7ouZIDKL5ZncY90Ig8jpclLJr3iKXPhCRNxpBCCz10CNQqPQtDeb9AsVwO359FIB&sai=AMfl-YSCwK7FN6or1WBnYuI5IZjM23AlADPKJJ7lBpXmTeZQNCrCqocsWMs1Q4eFS5dnyWtPN4lsd_R01hwPAf-Lo4Ypy4wsGimHchvtGW8CF0I7RcDHn61hekNUKdLKnFyZHxXkFA20vU2-qlZP3OW0OwU&sig=Cg0ArKJSzHSbQiY4mgyJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 04A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuiUqYDIWU8MfD3QZjs43OqJQc3tiB2U7HaGCpAT5JzEM6q0ChNLchNJq-gDZYHskTrPRFpzZN4gKSogqNTnO4CbA16XSSQ623FQzmI2tbGqmUtmsAivqnznv4u6QEgCQCRLTlQmRACakGQ-dfUNrofHjuTKsoZwB9Uk9IhiQYJJvv7vhlSWPe74YD7ZxzNWf0USempaCCQj4sA4tLPDSE91ULex_5q9rv-tIDEf1nOU_ciXXx3iHIGrBlmmZcZyVkMnopdFf_NMXD5bEFYjZ02nJZWDZUrC3MVVkZwgB11Epelwm_OTnEnBYOnoxUMcOTK2rXljZLwn6rA-fcO&sai=AMfl-YS3OYjb6fwm-SH4VAN8MNLsNwwPu2tuqffrrsesfmjcpQ976lJd9T-a6gIxUvwsSkZSVAixXdbPUA0Yx69APsCTng7L5rL1bWR1aJAEiyEPIJiQHjQup8p9_cmdKZg51Uybs6gHA8T0Mcf0Hn7epeE&sig=Cg0ArKJSzH-jraiJOM0mEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:50 GMT
integrator.js
adservice.google.de/adsid/ Frame 2529 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2529 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 991C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&adk=1812271804&adf=3279755400&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430080&bpp=3&bdt=475&idt=290&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&nras=1&correlator=8353040414440&frm=24&ife=3&pv=2&ga_vid=1652596345.1671922431&ga_sid=1671922431&ga_hid=857961805&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071220%2C44780792&oid=2&pvsid=4297324316398616&tmod=1696691006&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ouvhtb20ezn4&fsb=1&dtd=490
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2529 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e635c523ba1390dc7deea50d4bb766f83be24fd4d22943c9fd1c8ac0c9f3266c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11312
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E40A 		430 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=4266025097&adk=3265387130&adf=3173046728&pi=t.ma~as.4266025097&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922429973&bpp=1&bdt=427&idt=465&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7747638681055&frm=24&ife=3&pv=1&ga_vid=1455683657.1671922431&ga_sid=1671922431&ga_hid=1926518708&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774648%2C44774652%2C44780792&oid=2&pvsid=1155052577080655&tmod=344034424&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.pz1yuib4rh7y&fsb=1&dtd=604
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
779906354e887f593f6cdb80152929ddd4aa89be073c3eecb5838b280410b60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 84B1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 84B1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6185 		75 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db1dceab64bfba39c5e79ce3f1edd294914a7277f4eb333c6c2ccbd8d132bee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
31241
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 84B1 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53ade5631caa41f2b8b8fdf2a1864845bc61334d652a0950b48e047e43275fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4F6E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4F6E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D229 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&adk=1812271804&adf=3279755402&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430110&bpp=3&bdt=487&idt=373&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=7415080145261&frm=24&ife=3&pv=2&ga_vid=1190987994.1671922431&ga_sid=1671922431&ga_hid=1915413155&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774649%2C44774653%2C44778608%2C44780792&oid=2&pvsid=32283905124398&tmod=275441176&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.9ic8gnuxwft7&fsb=1&dtd=496
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4F6E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
698d1eaf6958f37f651e6705e8c7d78c346ffffd8d85bc24cc4fad8e89a3fc42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 04A6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 04A6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D8CB 		430 B
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=4276895084&adk=1395521969&adf=3173046726&pi=t.ma~as.4276895084&w=300&format=300x250&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430162&bpp=3&bdt=544&idt=337&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=6860328260084&frm=24&ife=3&pv=2&ga_vid=179632539.1671922431&ga_sid=1671922431&ga_hid=19606477&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779794%2C44780792&oid=2&pvsid=4498570735256235&tmod=182861204&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.o87l8ukx0xtd&fsb=1&dtd=457
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db681824fa52e7aa7789e086d6ba9c7f2fec98b054ef0ca89c02977aa6611eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
205
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 04A6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fa663756a880403dff9b066a41b0f5860805cf4067a83e43c04e32e5515e7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11106
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 396E 		430 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=3083013359&adk=3570903784&adf=3173046727&pi=t.ma~as.3083013359&w=300&format=300x250&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430080&bpp=1&bdt=474&idt=434&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8353040414440&frm=24&ife=3&pv=1&ga_vid=1652596345.1671922431&ga_sid=1671922431&ga_hid=857961805&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071220%2C44780792&oid=2&pvsid=4297324316398616&tmod=1696691006&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bqnwdkygz0ks&fsb=1&dtd=626
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b2115892cd71c30e309773b80fc3515b0d3e492311d02378280beb456097c4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 94D4 		430 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=250&slotname=3083013359&adk=3570903784&adf=3173046725&pi=t.ma~as.3083013359&w=300&format=300x250&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430110&bpp=1&bdt=487&idt=441&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7415080145261&frm=24&ife=3&pv=1&ga_vid=1190987994.1671922431&ga_sid=1671922431&ga_hid=1915413155&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2563340697&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774649%2C44774653%2C44778608%2C44780792&oid=2&pvsid=32283905124398&tmod=275441176&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.5f9tkhuey8lk&fsb=1&dtd=607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb80ac962aa35c6ed8a82398beeae25d6fc9e23088bc5949d43a81f0c3c129ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2529 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0646 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:50 GMT
jstag
liqwid-d.openx.net/w/1.0/ Frame A49B 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid-d.openx.net/w/1.0/jstag
Requested by
Host: liqwid.net
URL: https://liqwid.net/static/main544.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ee2e9e7563eeef5072d61733a1aa15ec8309ffe3e9bcddcc77a33f75194be4c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18070
expires
Sat, 24 Dec 2022 23:53:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 04A6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 84B1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4F6E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8560941387472259&plah=b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:50 GMT
gtm.js
www.googletagmanager.com/ 		164 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NS8286F&l=MG2DL
Requested by
Host: cdn.godiciardstia.com
URL: https://cdn.godiciardstia.com/prod/aim/g2i.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03f6af12c8a6f9375359cbe692257b12edd256f4d6022440b15b3faef3a25ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56532
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 22:53:50 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/aim/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1723
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3e73b89e-e01e-0010-40e6-1728a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 24 Dec 2022 23:23:50 GMT
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/aim/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
163194
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (ama/489D)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
55a81260-801e-0010-686e-1632d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
DJ__DJPRODDEFAULT.json
cdn.pranmcpkx.com/prod/data/aim/ 		149 KB
149 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/data/aim/DJ__DJPRODDEFAULT.json?_=1671922430851
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/aim/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3458b5bb1853a2a737cca25ea5a146047b091cd06cce10443dd8b58de68a518f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Sat, 24 Dec 2022 22:53:50 GMT
last-modified
Fri, 23 Sep 2022 16:41:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DA9D826D567283
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7910af35-d01e-0040-47ea-17f086000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
152345
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.228.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 22:53:52 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
EG0ZFDXGW97MT32Y
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
yBihaSA9A62wwpmQr1W2+bkOvWro/nGVRJSdlCuG2oN6gyc116+LrxcZCUSOSi5U9VLZAQpdWCM=
x-amz-meta-s3b-last-modified
20191015T134358Z
12221546220844366217
tpc.googlesyndication.com/daca_images/simgad/ Frame 6185 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12221546220844366217
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f70799716ae4c1a547b233a3c01bf95e07baad68fc8575d1a7dee2854345eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 16:36:16 GMT
x-content-type-options
nosniff
age
541054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34226
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 09:09:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Dec 2023 16:36:16 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6185 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
76518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6185 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
76518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6185 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
76519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:31 GMT
l
www.google.com/ads/measurement/ Frame 6185 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfr_t0vD4tAlGsSUDLC-B_8T9Pa5THA-BBxoRc_7P_sJhriqNx3v45S11u5xE7Hrc7QQciQIsb3aCKbRWKYji2bFNWTw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6185 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:51 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6185 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 19:37:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
11789
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13740
x-xss-protection
0
server
cafe
etag
2612990788289469886
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 19:37:21 GMT
acj
liqwid-d.openx.net/w/1.0/ Frame A49B 		307 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid-d.openx.net/w/1.0/acj?ai=f31ae52c-f675-46a2-a273-9a2c5ebe2db3&o=852045358&callback=OX_852045358&ju=https%3A//dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/&jr=&auid=541210485&dims=1600x1200&adxy=0%2C0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=0x0&ifr=1&tws=1600x1200&mt=1
Requested by
Host: liqwid-d.openx.net
URL: https://liqwid-d.openx.net/w/1.0/jstag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b5dee9094d9f8d512b266964054a2363853fa1755c46b9670cd0e13cc8e89fdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6185 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cy3-u_oKnY4udJYSD7_UP4feGoAqR2MjUbZTBhu--EJOk_PXVNRABIIKq8w5gleKQgqAHoAGBoaS5KMgBAqgDAcgDyQSqBMwBT9C14py_O7PZQqDk3WKNhdqsKgoeOXvOZk1EHnEi515_d4u8OnMlacEIlwl-FH48x1jEOhODX2SLwhgquLTf1RjdK44WpoTW40cTWQLvLNPrQwI3awAypQX9LqMT6Ydi5ObPTLjQCoqAsNjhR17PJY5uT8W4sg1inbtDMaSlQKPcoQzE97XMMHvbXfCulJZ9hFN3jxc7W_dzTKDF9g5Ek1zPQpfKWe6rEqyTpHnAkIyTnFnFXHBfn0K5DhuvRIWCskAPtaG7CSwmueBfwAS6h4r3nQSSBQQIBBgBkgUECAUYBKAGAoAHgdn0mAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCNLdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTg1NjA5NDEzODc0NzIyNTkYAA&sigh=mV4Ok2Tpf4c&uach_m=[UACH]&cid=CAQSKQDq26N9P3rW_u3yR-vFx_9KbbzabsJwW5u1j4yKIqdCwT4OxSOB4MqOGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 24 Dec 2022 22:53:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E485 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 288A 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e4bba5e1a819b31a4f729797c0e09a73b78c3dafbd1287e88a6e90e705e7a635
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QmxKsD2FTlOclj9XKICzsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-QmxKsD2FTlOclj9XKICzsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
expires
Sat, 24 Dec 2022 22:53:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C2D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 546B 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11608d595e1e992c321623c6e3f96a1b699e68931ad0ec04188558bf15953937
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tM7_MEvaf-mDd6kZkQR_Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-tM7_MEvaf-mDd6kZkQR_Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
expires
Sat, 24 Dec 2022 22:53:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7220 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2505 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9da6a0ee53393e3720f5b9f542f1bb3dc40750b5e26ea3a6cac1015116624c77
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6sqjehtXxnJqC7g6l5ObWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6sqjehtXxnJqC7g6l5ObWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
expires
Sat, 24 Dec 2022 22:53:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D24B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5E76 		783 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8d71bbcce819227735147ca5d04ab942e0e7f4ddad258438d44d47389fc9377f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EJ6OAj8rBRkPP-OLLmRidA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-EJ6OAj8rBRkPP-OLLmRidA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:50 GMT
expires
Sat, 24 Dec 2022 22:53:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4DC1 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:45:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E3BF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
55547
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 07:28:03 GMT
etag
48472445140208031
expires
Sun, 25 Dec 2022 07:28:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1234524406&t=pageview&_s=1&dl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&ul=en-us&de=UTF-8&dt=Police%3A%20%E2%80%98No%20clear%20motive%E2%80%99%20for%20Greenwood%20Park%20Mall%20shooter%20-%20Daily%20Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUABAAAAACAAI~&jid=124946190&gjid=1702762920&cid=1552943419.1671922429&tid=UA-206376083-1&_gid=1848441940.1671922429&_r=1&gtm=2wgbu0NS8286F&cd2=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=1.0.0.0&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=Default&z=757236054
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS8286F&l=MG2DL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 22:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1590
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 00:27:20 GMT
truncated
/ Frame 6185 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
141091d2a8335f255b1600fca57ee9409b3790376ac5b9b84158003e08bd897b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 973E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 81E2 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1dfe65de29e23943f85f21fd00d8f5e1037d14fb466bf1abe540128f93c0f5c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0wrc85UA6LWMnyABQngNFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0wrc85UA6LWMnyABQngNFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Sat, 24 Dec 2022 22:53:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E3BF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGRDj8wPI06dkeIN_Uf7njw&google_cver=1&google_push=AavPq0NUxd02hLZ4bZiJXW4zsjeMSIvrlDazYuVpteGGLUuSH-Vuw6oW6li9pQdXh0MbswDkOtxHtQR7qR_CHktnyh7781vIbGfaxac
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA3NzA0Mzc0MzEyOTM1NzYzMA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRDj8wPI06dkeIN_Uf7njw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRDj8wPI06dkeIN_Uf7njw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRDj8wPI06dkeIN_Uf7njw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E3BF
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEC8HZAwWc9ouK9guzswflRQ&google_cver=1&google_push=AavPq0NPfrwAl2LmfY5pgXzqilfWBJUmgcZ79JNhv7RXOWk6HmS4OfMaFhdJHUpmIKSZWDTttJ820ylGE6_3r1Vk...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PZdNkm9JTZKG5VytbIxOww2&google_push=AavPq0NPfrwAl2LmfY5pgXzqilfWBJUmgcZ79JNhv7RXOWk6HmS4OfMaFhdJHUpmIKSZWDTttJ820ylGE6_3r1Vki9ZZviYGM12X43Hm
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PZdNkm9JTZKG5VytbIxOww2&google_push=AavPq0NPfrwAl2LmfY5pgXzqilfWBJUmgcZ79JNhv7RXOWk6HmS4OfMaFhdJHUpmIKSZWDTttJ820ylGE6_3r1Vki9ZZviYGM12X43Hm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 24 Dec 2022 22:53:51 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=PZdNkm9JTZKG5VytbIxOww2&google_push=AavPq0NPfrwAl2LmfY5pgXzqilfWBJUmgcZ79JNhv7RXOWk6HmS4OfMaFhdJHUpmIKSZWDTttJ820ylGE6_3r1Vki9ZZviYGM12X43Hm
x-host
tde-deliveryengine-production-769c9db745-dspjw
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E3BF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDZr_Tak47P4mhRZUc7Pqq0&google_cver=1&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDZr_Tak47P4mhRZUc7Pqq0&google_cver=1&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnS...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_&google_hm=DUP2ZRwJR1i9wZ5yX5n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_&google_hm=DUP2ZRwJR1i9wZ5yX5nl2g==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_&google_hm=DUP2ZRwJR1i9wZ5yX5nl2g==
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame E3BF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEFZxtovPNsF2wN7MNOJGIWw&google_cver=1&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFD...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFZxtovPNsF2wN7MNOJGIWw&google_cver=1&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2h...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFDmVtOD3Y0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFDmVtOD3Y0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0MRnGpbw9aYCM0VVhvgnW43FJnWOzw5VCGL7EtK4dy0lbgYUlHAmljVEFJZFy36baCWnAkO8aIkrSMSHglwQhN2hFDmVtOD3Y0
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame E3BF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_hm=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB&google_nid=index&google_push=AavPq0ODJnUSP15PqvYRGyeO1p6HrKxquyNKX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_hm=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB&google_nid=index&google_push=AavPq0ODJnUSP15PqvYRGyeO1p6HrKxquyNKXRtZNCKzhS_7h7go_yk4CZJoNLqycRcAKkw_XfODRnAS_kvrheJvJWMDd2WbV1sqUic
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BtkItbNYYLNCYeEDMSYVwXmbuNEs%2BSHs2cG%2B5rzd8BGyd2uTJNC3dVSTQNI6lL%2FrW11RMBosAdjEA5et42sB%2Fb63cKXSIiO3nNZgX7BxdzFhlcAQMFVK3FmKtDljC7oRNsP2MIbwwuGrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_hm=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB&google_nid=index&google_push=AavPq0ODJnUSP15PqvYRGyeO1p6HrKxquyNKXRtZNCKzhS_7h7go_yk4CZJoNLqycRcAKkw_XfODRnAS_kvrheJvJWMDd2WbV1sqUic
cache-control
no-cache
cf-ray
77ecea5b1b859150-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sync
ssbsync.smartadserver.com/api/ Frame E3BF 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELq8AmU13Vn70AQ5AYiyKw8&google_cver=1&google_push=AavPq0N6e_m4V7AxhVYjt-SKGb2Lb3SEjLdzjfSejV2wKuUBwF--eDONezY_n568yvNRDLHWYk1STq4zavWFQFR1z9r2mqMLygdPzmqN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:50 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame E3BF
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENFCQON8r...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENF...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d43f665-1c09-4758-bdc1-9e725f99e5da&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d43f665-1c09-4758-bdc1-9e725f99e5da&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0d43f665-1c09-4758-bdc1-9e725f99e5da&%%GOOGLE_PUSH_PAIR%%
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E3BF 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmCisV4Sa0CKXQiqeShFrrp77wIQu-gTFcwsohZ2veXQZeVTntl_cvbV8LsWY6BW3uFqoINQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4DC1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Sat, 24 Dec 2022 22:53:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:51 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame E485 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 288A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1155052577080655&rc=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 546B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4297324316398616&rc=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2505 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4498570735256235&rc=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=3833995942244631&rc=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 6C2D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 7220 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame D24B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 973E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
prebid
id5-sync.com/api/config/ Frame 3694 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyjournal.net
date
Sat, 24 Dec 2022 22:53:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 3694 		44 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://dailyjournal.net
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
id
id.crwdcntrl.net/ Frame 3694 		43 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache
x-server
10.45.30.240
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 3694 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
11415d735a81423f47f921a629df017d964a84a349d6a32d88573a09312af3b8

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dailyjournal.net
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 23 Jan 2023 22:53:51 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F0D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56197
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Sun, 25 Dec 2022 14:30:28 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3694
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=undefined
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=549012f8ba2f8c5a156cd3ed5ce227&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=v2e3f_7180852162594343964&gdpr=0&gdpr_consent=undefined
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:51 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=undefined
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1671922431479061-361
Expires
Sat, 24 Dec 2022 22:53:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 81E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=32283905124398&rc=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
v1
lb.eu-1-id5-sync.com/lb/ Frame 3694 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
dbc846c4a0286ad836c775780c85f5d0ddcda6b94dc9545f8d1ad05fa350801f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyjournal.net
date
Sat, 24 Dec 2022 22:53:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 3F0D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78997006&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e61d7c572053394661184efac116f2f41ad6325f1180387ddcbab646a0025bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame E485 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VCINrw
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6C2D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TsDl8A
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
212.json
id5-sync.com/g/v2/ Frame 3694 		216 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
baf8ffd38c58c3be5c3a14a82abd966fb4e5551288ab5ee6a88f957bbbc90d2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dailyjournal.net
date
Sat, 24 Dec 2022 22:53:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 7220 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hTNQ8w
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame D24B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jvx1TQ
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 973E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?F0-MyQ
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
views
prod-aim-proxy-connext.azurewebsites.net/api/ 		64 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-aim-proxy-connext.azurewebsites.net/api/views?UserId=d203a9ecf2fa02d1217f28c964192c25&ConfigCode=DJPRODDEFAULT&SiteCode=DJ
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/aim/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940

Request headers

source-system
Plugin
site-code
DJ
autoqa
false
accept-language
de-DE,de;q=0.9
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NzE5MzY4MzB9.5lqzLTUAYwANtz3yDFocbq_9Pn7dNOE-9XLkw2irefg
ssid
824cd20c81204a3ff98c0381bb69ec8c
environment
prod
config-code
DJPRODDEFAULT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
location
System
Referer
https://dailyjournal.net/
version
Version: 2.7

Response headers

Expires
-1
Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:51 GMT
Content-Encoding
gzip
X-Server-Time
12/24/2022 10:53:52 PM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
176
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-aim-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-aim-proxy-connext.azurewebsites.net/api/views?UserId=d203a9ecf2fa02d1217f28c964192c25&ConfigCode=DJPRODDEFAULT&SiteCode=DJ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://dailyjournal.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 24 Dec 2022 22:53:51 GMT
X-Powered-By
ASP.NET
Pug
simage2.pubmatic.com/AdServer/ Frame 6E75
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 24 Dec 2022 22:53:51 GMT
Expires
Sat, 24 Dec 2022 22:53:50 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x9 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 2D7B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6332161526117260734
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6332161526117260734
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6332161526117260734
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 24B5 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Sat, 24 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
427009
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 401C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 22:53:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
V960PC5HKJE4ZN2SAM0M

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 24 Dec 2022 22:53:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EHYN1KAG4WR5NZYRM091
Pug
simage2.pubmatic.com/AdServer/ Frame 5BC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4203139841800031892&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4203139841800031892&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
0a6f2425-ff77-46b6-a6cf-44f4a3dbabda
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 22:53:51 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4203139841800031892&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 50BB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h
42 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4F4B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180852162609150106&gdpr=0&gdpr_consent=
42 B
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180852162609150106&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 24 Dec 2022 22:53:51 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180852162609150106&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame F71A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3ZOejCisSTFJ0AeQ8YTrUNlAlyA
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3ZOejCisSTFJ0AeQ8YTrUNlAlyA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 22:53:51 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3ZOejCisSTFJ0AeQ8YTrUNlAlyA
Pug
image2.pubmatic.com/AdServer/ Frame 5870
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIM2NVN0hUd1lBQUNFUnBLQ1FqUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAH3cU7HTwYAACERpKCQjQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAH3cU7HTwYAACERpKCQjQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAH3cU7HTwYAACERpKCQjQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4808890107944590772&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH3cU7HTwYAACERpKCQjQ&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH3cU7HTwYAACERpKCQjQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 24 Dec 2022 22:53:52 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAH3cU7HTwYAACERpKCQjQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame AF7D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6eC-wAGe4K50QAZ&gdpr=0&gdpr_consent=&_test=Y6eC-wAGe4K50QAZ
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6eC-wAGe4K50QAZ&gdpr=0&gdpr_consent=&_test=Y6eC-wAGe4K50QAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 24 Dec 2022 22:53:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6eC-wAGe4K50QAZ&gdpr=0&gdpr_consent=&_test=Y6eC-wAGe4K50QAZ
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220040-HHN
x-timer
S1671922432.729229,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 6015
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 22:53:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 24 Dec 2022 22:53:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 83C3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77ecea5eadbc2be0-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77ecea5d6c152be0-FRA
content-type
text/html
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
90
cookiesync
core.iprom.net/ Frame D504 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 22:53:51 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-05aeff407afc@version_1.531
X-core-time
0ms
X-server-arch
v2
generic
match.adsrvr.org/track/cmf/ Frame 1393
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1671922431616
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2396167528
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2396167528
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 24 Dec 2022 22:53:51 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 24 Dec 2022 22:53:51 GMT
etag
RXc7991929ecc8408881175669695f25fc003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2396167528
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pub
matching.truffle.bid/sync/ Frame AAB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sat, 24 Dec 2022 22:53:51 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame F30A 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/ Frame 9F23
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbbagbRYbanjVQSba
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sat, 24 Dec 2022 22:53:51 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.14.227

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbbagbRYbanjVQSba
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WdOOig8ORXaifaR-WAV9Kw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=56197
accept-ranges
bytes
content-length
5554
expires
Sun, 25 Dec 2022 14:30:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3F0D 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=59D38E8A-0F0E-4576-A27D-A47E58057D2B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77ecea5d7f3b692b-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 3F0D 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-208.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.240
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 3F0D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3587814344
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=59D38E8A-0F0E-4576-A27D-A47E58057D2B
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=59D38E8A-0F0E-4576-A27D-A47E58057D2B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
via
1.1 google
last-modified
Sat, 24 Dec 2022 22:53:51 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=59D38E8A-0F0E-4576-A27D-A47E58057D2B
date
Sat, 24 Dec 2022 22:53:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTlEMzhFOEEtMEYwRS00NTc2LUEyN0QtQTQ3RTU4MDU3RDJC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIVkHDDQXiGEjM97RwKndfk&google_cver=1
42 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIVkHDDQXiGEjM97RwKndfk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIVkHDDQXiGEjM97RwKndfk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3F0D 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 23 Dec 2022 22:53:51 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3F0D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6829081943877337663
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6829081943877337663
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6829081943877337663
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
59D38E8A-0F0E-4576-A27D-A47E58057D2B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3F0D 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/59D38E8A-0F0E-4576-A27D-A47E58057D2B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f84d:3d72:727e:650c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rRp9y39E2uVwkZj6PdmMioAbudaPN04-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rRp9y39E2uVwkZj6PdmMioAbudaPN04-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rRp9y39E2uVwkZj6PdmMioAbudaPN04-~A&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 22:53:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d43f665-1c09-4758-bdc1-9e725f99e5da&gdpr=&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d43f665-1c09-4758-bdc1-9e725f99e5da&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0d43f665-1c09-4758-bdc1-9e725f99e5da&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3F0D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3F0D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ca095a38-6150-4be9-854d-c90e33e817d3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ca095a38-6150-4be9-854d-c90e33e817d3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ca095a38-6150-4be9-854d-c90e33e817d3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 24 Dec 2022 22:53:51 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9077043743129357630&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9077043743129357630&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9077043743129357630&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3F0D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4203139841800031892
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4203139841800031892
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Dec 2022 22:53:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fd1395de-0922-4d26-9a08-302fd5231d09
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4203139841800031892
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 04A6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRpg0DOwXXiUeuxsa5p83D2W9nlXDbId-vtDK0XudclWUOzi64bZLa8RP_2_r0Ib7aUYWtMS_wOQCOCe8REkUZbcdC6QjrEUcTDsMM1p6m9TU674oG&sig=Cg0ArKJSzMhvap56SNYcEAE&id=lidar2&mcvt=1000&p=945,1022,1195,1322&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2940209228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671922429488&rpt=1068&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 2AB2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8560941387472259&output=html&h=90&slotname=8420563345&adk=3160111873&adf=3173046724&pi=t.ma~as.8420563345&w=728&format=728x90&url=https%3A%2F%2Fdailyjournal.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671922430093&bpp=2&bdt=482&idt=374&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&correlator=4501915449420&frm=24&ife=3&pv=2&ga_vid=1436098748.1671922431&ga_sid=1671922431&ga_hid=1330553259&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=902923030&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31071219%2C44779793%2C44780792&oid=2&pvsid=3833995942244631&tmod=21645501&uas=0&nvt=1&etu=ADvE6kCvEx1SAA7dqxf_jzGNfz938tGkXE8diHXBL3NlLXpgo6rIgJruTm4HydFuAaBT_wgLXKcO7i4dXfEJnYc6GZIcw6k9XS8EFcAb4kCR9uTRmcGNZBGktB4lmZ9Ed17F_8otqHv3PrHk4-BYe5KkH466gTsNFlSqeAlCeGE&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.qutqj5s0zu5t&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
130388689_web1_20211218dj-christmas-dinner-3-218x150.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130388689_web1_20211218dj-christmas-dinner-3-218x150.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a085de908ce66364c5621ca806c22a80eabddd6fbf26ae0223cb1b265669c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
cf-cache-status
MISS
last-modified
Sat, 24 Dec 2022 12:00:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf%2FJEQpcYn5vKi4AR0KQlq3nxtZESqw1JdfFxBaWIyrHP1vTgEbCu4%2FL5mpiL%2BqLyyTKqtwffHrDjLRXeQwhMzgMRVjn7WNU%2FLmu9P79hI0pSBkm6AsSZerEpxiAS%2BqD%2BK187sUo0GHKSbxfpNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea5fcae69046-FRA
content-length
13242
130322701_web1_stock-news-keyboard-218x150.jpg
dailyjournal.net/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2022/12/130322701_web1_stock-news-keyboard-218x150.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5edbdaf814c83fcc7890b11d3b240a8b527cb38b05eee7bc7202a5bb44f0d702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
cf-cache-status
MISS
last-modified
Sat, 24 Dec 2022 08:00:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTtIdMKJpi6wA6PicHpuDfFmMm7XwpN7CGiv1R2paukr%2FG0Ncl2zKX89hpQPBZUk7gGTTrHfgMZrNoMnxZlxTOhnIHu9x4MdxgiIzWF4jgHCCNGG3cBbsAP1Ba4oqMElmQiyRcx9TQHJpvT2UfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea5fcae99046-FRA
content-length
11055
police-lights-218x150.jpg
dailyjournal.net/wp-content/uploads/2021/05/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dailyjournal.net/wp-content/uploads/2021/05/police-lights-218x150.jpg
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f82d37f8739af265a3bb15d779c42e08c1aaf85142d2e77b8e0a9255c15d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Oct 2021 05:00:10 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=40534, status=webp_bigger
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ORTeC%2FYijywWHS%2FHe1Aw1Z6BdG5lP0GsmB3ETBhzj8jrBqVNgYIlCb6aXuq%2FGcIJC2QAPH96P2zEvAkizB8JEBeoF8WKrHEaynuw91E6nc8PJtgFtVvDbhe2SkmuyUYIJNBAVJ5uoP4G3lVq90%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77ecea5fcaea9046-FRA
content-length
10710
sodar
pagead2.googlesyndication.com/pagead/ Frame 0646 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1155052577080655&bg=!x8SlxIDNAAYgquz3AKo7ACkAdvg8WjPhVXFI4grYWfsINTTp-FLhpNMUW1auKjDghFBfLeZT6M0IowIAAAFCUgAAAAJoAQcKAFvQ5EHnrK2rL_1cjWgZKVcRARbeRhWq4iGOt7xEF5wCMQSXREQ5huyBiEsLtEavcsKPBGwUqO58aR6oOG76HS6A6u52wyw4LC1_flkGA8pbugzocvE3jIIBm4t5mQMbMc---tfr5L07uKgpisPPzyxeof_otMz2d3wTpJ_eakb0n8CPdVHKnHzQVvbjcvBWJHEEUULqOXjmwRFEn4LWH5M-ziOv4kMiSZYzotVaYBVAkgId1HbBhIs3qmYbJXHBz4oHcLXDZ52dscltrsEruzDkwaYFnMblxdsjxzhPxpyC0qPGRQZ5raYJ_ia-lw027m2Z8idGnTeeXwBeyqJU3NYActchKL7TU1JSZDvP2lujEcToLr7MPfTDXATuOdo2DfT_r10FdcGgg6tYc3m-HeibmgwBSdAOF9QOWCkv4IPkdie5QTkQy2vsxd4zpNDAC3f3f2-g-x2ZvT977lXVN1nnZ1B-_qbi-7FSzv2toXPi-_dVxKaUpau6qJyLtKlzrLuAX2rU9H_AhgAjQ9CR9L1nxPZSjVCyIRvoVLsAq_XypEBSsSzPp-RBQkp10YpBRePZ5K-bhCuqz93V-y6V6QEFC4n9QpCvaENba_fZV_7E1njmQc5YLBK6Yi-YbVEz9NwPsSxrzqWeFeSwZ6VKVzhEYUAKS5O9xuFEZN-s92HIwA1DN8QApyNOBZIU1U7T7LjXpAtDs5rH4cfTSX7NpS8VPG_F98JIIwVNFnQivo1HNGrYavppDwZsQtixLZ_VteR8l6vbT1vMOGoVRnohyWQwAKdqEHb8haJSC8bZvd4ZUDGIK1JJkdzRunQ240sJOzmjhSKQPhOTU9POSi1z7HDLEnVRa4yWycqSMS2tI_yx-MuEdmpXNg1pAx1RaPA5hJedOkSyoKTKmasE7PmMSoPZ7DfvdqHT6dLf_DCgxH7hk6uPpxad6gC2_SpB3M39ERcJYlV8QaYgkwL9oOkHdmiyTwpu8lQSGsn8r6MbxaIlQcgFDqFg3u0rQv28Iwajjy-6Tsy5yebDATubJrKZqN4shhmVKWlGgoOFsutZ0LBBTlx-fSOXaEWD7FJYnRJAH3KAdGDZK-8iFEa5LdgZI-BUMdkTcjR_sWH70fXbxPEkL8Pc-4jR-8N3M12qeAnP5SWlUA4FM_SAqTP2B5VPz1NbRkYHvFoL9FVj
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2529 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4297324316398616&bg=!OjmlOX3NAAYgquz3AKo7ACkAdvg8WrDevCH6uZq_z7VTYgP4mjhaDGacRWt98TSNfbT-LsyT0Qxi4gIAAAEvUgAAAAJoAQeZAzhYP7_5ZsLhaYYZBmBkt6iqxr2V0jNbgtrgwGIe4axPIEJZfco9bODOaPBgKfcqjFogpzOkewS9lWu9svN56naTvXjYAZDKQitI6M1rf5VBKK5dZeId6xOPhjHIO96kv2PtKfNU9Aq3Oh9dH1aqoqE1kY-XPRVeH5IEwE2k-So504A-0Yn39Mcs7XWXM7UKbFqOOdlTmMn60zelZdlGM3zoakp0YiaFTWDmiv3uc_ZBoLUMEFzDNorag_-yHI_-5tvbhq-x_inLDkQGi8if0-qut2NZ7xZKZa_UPqPkOkBnscllphxSW081ES4gGJXF6ldDklCcyr_u57u1uLrXIiaodPrqDzQvViZHoCvZ71yXN1LzEQ4fA1lzJLyyIh7mJNaGgVSPaDrL3usBQo8lq-168icXSJZn5pWk3acJDJKyEtY7rR51yUZXup2GJmCGLcLhRatiG1xErU2cHdjNI5r2pIb3neHydPUN8v5cpRAEr2aG85j35GPlgQBm7iGsOKijw-3e77L4pbv5azNg1c6gG8SunZ06TqOi6BXgNtKn8zuOlrzbzhT-i3dcNaE-ykF5Aq2I5Y3olwgeV3lSZHuj7PWrZICIRHu9ejPuGzf72U1cj5W2zcGSKeVF9q5pgkzfoGOANk36e4KVcu_TDMB4XiBoLse9bztCFKnif-Vv4K49xbsO50o_iKFshfCFeQulNSC1Hko_6snH0a3IdnfspyFCAIQCVpDOPviLdmr0F1Ay0LH6SFBpEFzzW3qjM-DBh05ijViR4fV9pWM6m9O_LHfmHvj5IxGDGhg-tVm8qAPximGwIwLBdUh_D2PUYBkvmiHeEb1Oz5PAU_dTQ5hiXaiy0MEVnemEjbaPS8bRc8yoKBiwQ-TH4HBSaCHTb7srvdY_voE6dGlJev6mV9RQ0FkQdLdRCTKmkMfBOYmgPB0XkvdjMak7JE9o2K1cr_05uUg5IMSZFNmfTeEzRc38XJgHMSeX5Jdg2Pi2IzppO05C3pItFUNrWvJr-HrK5OPmso0Cq-eRLZwt8uHYP_dCYEEb9b3eThOQ1j34SrOKB1n_YxT-H6EKiERQV1e7IZwA0rQe-niCQQ
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 04A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4498570735256235&bg=!uLulu__NAAYgquz3AKo7ACkAdvg8WoqvONgnEKc6e6Tv8_zilR9r66VV7PxflruuyRQShdIEpgK6OQIAAAFMUgAAAAJoAQeZAyp_RQa0pzELF-nlKP5-3biZpnQh0-V0ifrhD4iUJ9DBA0Qn-d_h30sC5GcdwUyWldPZRNAbuBd-YRioAuapFx-8bndOZMTkqY0yTP2sol_SR9CE-D0O_ank6tabOtbTmy3kb51kAp_B8L7SPxfjAiUQrnCD5PW5zfF6Ua9R1vZOB9GikLyFiWzI0TdDEvitYRv9HUCT3zfhG1nYmWFSDMCMp3yK71tbWMMFflfj9dfYEFbx2z8YebJKkoxZYCZ4T9qwza6OFg-cl-eG4HO_E72qm9JUmL6jI_1jTKAV8Dmk73ETCg5AnOacCW7pgbLZqd9L2KglKFcu0UxV8cJ3xWx0QWmXM5bmrxLHJQpdR4stRCj0w8QkTMAFLl2DdP2NYz4CrdsnVzVJGgWzvC7wEZYwqSUxIY9JTTNDM0oICy1W89pjqK7W_uJXPFPf1DlpPllr9aSHSsZb_DLzKoSBiVCjVHO1zsV3RiG-2P7z8bo53ipx-w7luJa9DoXDXdKeSjPyq0-35EXw8iLX9vhszCTLSUprKt9NYSR_Fg4TxfmH41oTB0osCSsiw-pO0OWGcNdvvclloAsXaUG881lAOlovdFB6KbU5gfS7y8NWtrHflYyxHxwvzNy4Zv-0mtEl46htJ1-FGmQi9zNWXOrJvh-jk-SEbOaa9rRehaCGm5Kgm5U3lwFqu_A3VFklDG6x9IMq-JdtTt6eLUkGT4uRB4h7eu4WTImibsMx_NuRXr7RPLNYjuFvAV-9MTLTMaFkadTuQ3dksXhswGY-PmU9L86-8dtXkSnnyjWT8VjnBwisWd2ezP2oy5CK56pHP8ZelYSkE74aLr2a2hvAekQ2l7DlHFfDMCbU_AT402xf29bTZoVcYCpQzcVBMjn7TErHPJiS3MY_3MvPi6SmunBc-b6Lv0_wa614-zwYZVqNK_gVRlbggBinyzXiOmHxZB0d_maaAtyhJV2P56N4fWtVzTxTpUIBtcxwqvWlTkn9OZpBfp3NYQAGrqkU_SOZTK8SFV6BLyhWpkrgrcNaQ-gVpoJ7qiDeMgjw22gQHBXFVPZHRt0x3pE3fswN4KM
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 84B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=3833995942244631&bg=!19Sl1JDNAAYgquz3AKo7ACkAdvg8Wt29UGofvbCiTDqIJWk7YCZaKnjsfAxiQTliYImWG4wlVXCPVwIAAAFBUgAAAAJoAQeZAxVo26DL3OtW9VXbkl1oq8-9mDkDCGJrvZl0VGqUfwbso-8GqGbE7eYu4Yax4FYzYU-x4M-UFv73SEUA4Qm4OjXaIZbLMjGQQxisMLsRrW6tmznn3YcSWoH-C6JxtqXGQpT1hf9fqSyDaEyhBnlhI5ZEJ34Xa3H2AnfW2n8QyOgWlvOiXhmxcpUsjajm1LXfJbM0BAOIuQXXiHZu8Jd1Crll-3ZQrsW63qzh6haB4qEiT4Nrz0YA2sobP0ZWCTyNW-htKKSKUc4dzsibJVj8Yn4SIzP52Ov3o5FsJpGrQdrE2oG4vPjNfKU5jorVtuZvbTS6rcT59ElOaF1M3DPct3yY3NpvcG__MlZDd8e9AcANia3HzywzZNfW6MRXoHSrHY6sqIWGIUt50bUUTLgK3-wXwED86GhexuGEoHg7bBSq83UXNTx5WjV1HSYiZ0pG0UlMC4IQZAkghlfgQyhPfcFexIOwP8dtwV_wC1AhwRYkOmJkrLTK_s7xaqFrlfn8RVFKywOP0ETl3TUmqhfI1pz6QbjWax5LKDN5M_oZGEVffxPYkOpCFy6J8V-dAh5kcA1fxOCrirqcQOHpqU6mbnB-NSphrQhiX-XDBcGJprxTo0K-IABkASiPMgDeRuC9VwFxyiEBXsuY6MVDt6Cz8fYb0WgiWXyJhl9Do2B7mWYlTDFq4gDuXH16CoCqDTtm6W29rQdLvN_A324RK-8D6FWpACUHzq0aZUJ2CbCaQnL_2SZ1kqoHSPGttmQjhxEBJLlwEoflkM_mcXjD7peK2qiA1K2VPSMn--Od5MhGqU_t7FRQeLzlwO2_D0wVDLSC40ZeMm23vhX771wxKGYvQw7OujhmVIOPC30ZzTlCSkXqGoefNEdGowESrmJVoTF10MNa8JXs_k4ndMo7jK4vllMc8iabVVGmgMTuTiL0rbx7es8xyxBs9EpjmS340WO5QXmDvS0iekSO4pOeWceWrCZzes183rem5xAoFhCZClH49qfqtBCYBlzIg2qZ5QOmbXl-pu6BBwR6XhBFhM9z51AcCAfb0hs
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F6E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=32283905124398&bg=!xMelx4PNAAYgquz3AKo7ACkAdvg8WpQgrUE-62vWF6nnJ-8vm6D9erALNSUC0FAnxcVhPOE_uNP9-AIAAAFjUgAAAAJoAQeZAx1iTS3seuj2k4pcZKUe7jbdPjzCfWxi_2yS0j0OcyCL6Lk81LmQi4xQHLJpddU4wpvr2SPi6uTb7ZS7f6ehcpRNyHmkJEIAEZJ5LCnmyl6psYmHy6YPxkrsm3Q8bIh6S6Cng_4QL68hlZjOOvJlxrZdiLEDordxvra3aEa8fYyQgf3tsoIma4oIZFJCF27ZqvJLtEA3emlB3GhMIUUp4d1gZyAJSFcJ7raPAsaZNk0NamexLCMn1HdLflqKUDx0SFySmjplc8SnuLtU0oHZ8ZdMttQpET0otBfOYQlLh5SAwYfefu2FFHNdUdeq0KyJK8MOj-THCIHtx8NBMgVVMbB0uubGeshlb7e42oTUZtQt9Xib-dFfjGh6ge8IBILQLy2rot_b4H33UZwRvMGSh9zbD0B0e_lwUYHlecQdHFDyhc5vBO6JpDhCNibmq6k0FQ2tBE963goPT13JkpeJXdQpsIaRo0W8MFqdOGDWEb-FbxLaDixftK1xSQIRDiZKqjyXG8UQObrDr73O9N_ihyRGkZRS25B9is0m77L4u4JD4b9nODMEWwffCvaX9XpT1DOQm3yEsVdyFo9cgIxISJ4mfr2yKpS976Uv1UnA_F5zZxc_7HXQMPWOCju0u2SE3sjUfLy4OT6yShnDZB1-V5dihL_nOhIwqgm_uJPmenzLy9hiszNiipnJyBqV65OmCw-XpvuIqV3nUG-YKg-ay7ikF4M4L-PbEQ3GYwHumLjC3abJPyn1uCcBkDOqKfvmlBDW7PRg4vAORhXtqVh-gxxkS6KaAJ0_jKqm-xgxDbIkbX1kfiKKZVjdZKXM5V-G78MdAAw6BA_Gc_nhOtMqMXGIxAhaeobzqIDBHwKheUcSD9R-iQJUOeef5TkZgJWBu_bj1Q-XxaxlYg4nuHJl85jda9Lq6ZFHh6CCMZzZYRZoqLbuNlP2OPjYyKqe0GHu8cqdKkTIaj8sdGJxxt-QzlfLKus5TRnPZIWz_suY7ze9-Y0aSJgz-f7TQYHpCiIfGoBvGixfB-qQ7gVTkYKsiLnl2Tb8bYggYq5dK5PsyQ
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1234524406&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&ul=en-us&de=UTF-8&dt=Police%3A%20%E2%80%98No%20clear%20motive%E2%80%99%20for%20Greenwood%20Park%20Mall%20shooter%20-%20Daily%20Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22Police%3A%20%E2%80%98No%20clear%20motive%E2%80%99%20for%20Greenwood%20Park%20Mall%20shooter%20-%20Daily%20Journal%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aHDAAUABAAAAACAAI~&jid=&gjid=&cid=1552943419.1671922429&tid=UA-206376083-1&_gid=1848441940.1671922429&gtm=2wgbu0NS8286F&cd2=d203a9ecf2fa02d1217f28c964192c25&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Default%20Free%20Conversation&cd9=1&cd10=unlimited&cd11=NaN&cd12=1.0.0.0&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=Default&z=668459042
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72681
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
chartbeat.js
tribtown.com/wp-content/plugins/aim_seo_smo/cache/
Redirect Chain
  • https://www.tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js
  • https://tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js
Protocol
H2
Server
2606:4700:20::ac43:49cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

cf-edge-cache
cache,platform=wordpress
date
Sat, 24 Dec 2022 22:53:53 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iS09I9AzMrnaqU%2FC%2B%2Fcp5AKi7m%2BP56Nol85%2ByOrw0uajaMiE2I230%2B3GU2l9Hn0zHBxSY1%2FDJpcGrTa9W9oI60ZPffSVhNOoYblieB1R%2B%2BsAOC2ULsBbvtO6R%2B0F2YxdBWlCYkb0k%2BXj1Rxdmm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js
cache-control
max-age=14400, must-revalidate
cf-ray
77ecea63ded0bbc5-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:cc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
78747
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
PtHlO5gHyNdc7w7lmxXk3Pz-l2TPBgd39VzSGh0EQ-YANneZIc_6rQ==
expires
Sun, 25 Dec 2022 01:01:25 GMT
tcx-ping.php
japfg-trending-content.appspot.com/ 		266 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10220&t=Police%3A%20%E2%80%98No%20clear%20motive%E2%80%99%20for%20Greenwood%20Park%20Mall%20shooter%20-%20Daily%20Journal&h=dailyjournal.net&p=%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&w=2&a=ldgr1--ldgr3&_debug=1
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
8b542c16e4d890cec65d4b8ee77a2d53e4619141e49bad939b9192c88376ace6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:53 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a9b46dafb8ee21b9831d68bfd9b1976637afe4774cd7f866a295ce0c872d3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11171
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:52 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=dailyjournal.net&p=%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&u=DGaEzWDP7KA1D0ui7O&d=dailyjournal.net&g=20837&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8696&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&b=6606&t=BwM6sJCCwartBt21WkaCXMdDoR2_P&V=139&i=Police%3A%20%E2%80%98No%20clear%20motive%E2%80%99%20for%20Greenwood%20Park%20Mall%20shooter%20-%20Daily%20Journal&tz=0&sn=1&sv=TlsxoCPAK4dCVZr9figPbpCquMRL&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.176.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-176-242.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:52 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
track
dc.services.visualstudio.com/v2/ 		671 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d863a47b3033692aa415151ecf5350f2c83ddbc984cac07e774df97ccddc0975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
967F2E05-0A2E-4F5B-A4FF-A6E08988C58F
strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 22:53:52 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
671
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://dailyjournal.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 24 Dec 2022 22:53:52 GMT
x-content-type-options
nosniff
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 137E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B7F0 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8cd5ed2ca8233efd3d053543035ebc39e1052a2043a670b7520c15a5e87710af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BhalOxvzRigIK0SiODf4fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-BhalOxvzRigIK0SiODf4fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 22:53:52 GMT
expires
Sat, 24 Dec 2022 22:53:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 137E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 12:26:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B7F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=286285056126034&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 137E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c6SJCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=286285056126034&bg=!JySlJGDNAAYgquz3AKo7ACkAdvg8WuwWh5IJ0y28mVLXMvmZyM64eogvGNvEvQjihVWTkTnPiUaljQIAAABVUgAAAAtoAQcKAE2NFzuhug8FGPsHLIK4gcmVqrPBV5sbdeBUCXTa8XL-iCeJUv1KZtRzUloF3LZC8Pmz6v5tIK5BDZOfMc017rVA6HmcJLcfXOhY4Q8LW5kC7hYf1WE82Vw2_NUwf3JLL9IZwZymnA38hFRgfobUHh2ghabFpHwdGgexpxd3UectJsHRUFNEUkCUA9eFf01WFYSOzxf4zd7rhU4nXkKwLRJF6ALQlChe8kNc7zQa_s-v4ZG5lnTcVWkFz5_XFAM8qIn21UjMy-cyXYF_JGv6paG0QX06JvCeHjshvlYWPlRcmXORA_Qmg2eO3CP4SpwGcmMAYvNF2wTPnDmQJFicsa8UVlIkMD_TEYnhO5H-vyOoCyRRAfRMlpoDsFQfLDctX2yBkaEtfoA-ol5r7aUadt5mM9K6opyUM341wDwidmXD33dESb13noo-jSieHb1XL5VF9USBLlIx7Rk4mlK6cVx6TTWAx6miVFqqAoX3kH2nXH0jUuyKd4-Fm2RnvI59xwteeCJws38YEC4CAj6x7IYRm7-X3Bq3GIRMmE5UytgOciGitN6CUYSCnKoJNsZpa1_WmNB07Zw1Jf77WkBeREDQHtx_419pAmsudSiHupLtbzfYKzHVBOhgJt39CuC5BfKC6SLHzjYnlP1Eg-SfbgTnQXWUcePoWYH9RwQti9s2YtDhV3Ua4RC8Qf44TbB1rLE5Z7vf3imQjNPLo15EsXkSQ7uGlszCBn8PA-n7YE8I8CsL9nY6mECUq0-ZiQ1-BNfGIzF6jE7oI60MAqh2Y-Ei-QRV2tTjwxgEfawYci84dHFhQb5V2iP-zSt-d4qXdLUl_gcqIQztfDmUkDoGQViyNTjEyjPKt_ko0YjmrYobZBXy13G33rPi_Os6LD_s5Uoq02PBAaVlvv-Vl7sayL4GMHinpEt_RByzVkkItMoC3E0ItbDvdAeHpRXfSIExedfgXgi34FVbhHY7sMZw4tedeI2Ker2dBKfFRW9urgYmfOD3CCNxGyRh3hZZiCuc1w2AQWO2pDEj_N1XHfqVh1ZNWReCiYLj-BzFVQDJewgeItWr3mX58wd4cYjakseePJ1NabiXKfixhJMTGwwT0A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
f
fid.agkn.com/ 		0
0
checksync.php
contextual.media.net/ Frame 2DBB 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU528VIH&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C2040%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.8.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-8-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1064c1f43b7ee7e1d3e1a197c3c73c676cda3c4cf14f53e076990d3c98fdd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8236
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 22:53:54 GMT
expires
Mon, 26 Dec 2022 22:53:54 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame F039 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
765
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77ecea69f9232baf-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 22:53:53 GMT
expires
Sun, 25 Dec 2022 02:53:53 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6984 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 22:53:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DEBB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Requested by
Host: liqwid.net
URL: https://liqwid.net/prebid/primebid623.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://dailyjournal.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56195
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 22:53:53 GMT
expires
Sun, 25 Dec 2022 14:30:28 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158432/2294/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-32.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
gzip
via
1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
date
Sat, 24 Dec 2022 10:04:24 GMT
x-amz-cf-pop
FRA50-C1
age
46170
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
LxtB_IBcdLxH3GoEYwfePI0xNTfVjNfX8cj4xJJqcc_afOJhruPYLg==
SPug
simage4.pubmatic.com/AdServer/ Frame 3F0D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156595&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame DEBB 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45786167&p=158432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b3753c0930ae2656babda0fbbaa6ad9aa2160391b885216de0b4c9e0f09691e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 24 Dec 2022 22:53:52 GMT
content-length
1148
content-type
text/html; charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame 4979 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3086950271737a4081f32de51d04972cc659647945f5e14451ce5162318070

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77ecea6a2b0a9150-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 22:53:53 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8geuazEghVtUJUW5xwXc9Q1TiC4bfQEFgURtqTjPmc6U6kxGNqVB8Ygy88VhfIk38igjEFd2MpUNJ8rTsmENFxO9AIhKdXXkh%2F0fCTHENqQZKEIPT%2BS2b8g5nQeXOsYY0WolN6mrVrCRKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cm
ipac.ctnsnet.com/int/ Frame 2929 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 24 Dec 2022 22:53:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 7D39
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=28w7cq352qfl
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=28w7cq352qfl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 22:53:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Sat, 24 Dec 2022 22:53:55 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=28w7cq352qfl
lws
124
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 51CE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3AD6E96DB69647639DFDE4733FA73FF9&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3AD6E96DB69647639DFDE4733FA73FF9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 22:53:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 24 Dec 2022 22:53:53 GMT
expires
Fri, 23 Dec 2022 22:53:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3AD6E96DB69647639DFDE4733FA73FF9&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
p
a.audrte.com/ Frame DEBB
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
HTTP/1.1
Server
54.80.38.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-38-94.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 22:53:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 24 Dec 2022 22:53:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame DEBB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=59D38E8A-0F0E-4576-A27D-A47E58057D2B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=59D38E8A-0F0E-4576-A27D-A47E58057D2B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=59D38E8A-0F0E-4576-A27D-A47E58057D2B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:57 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:57 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=59D38E8A-0F0E-4576-A27D-A47E58057D2B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame DEBB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Sat, 24 Dec 2022 22:53:53 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame DEBB
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
/
geo.privacymanager.io/ 		28 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-116.fra2.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 04:04:42 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront), 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1, FRA2-C2
age
67751
x-amzn-requestid
d4bb9cab-fcd3-4b5e-841d-06a3ee34285e
x-amzn-trace-id
Root=1-63a67a5a-0ac1552704457f03686d2101;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
dogOPHbLDoEFRvw=
content-length
28
x-amz-cf-id
rnJK5WPiIWNrOfPnpsq5IagQni2SJ6_LMCxHbdF-QwVXZEZyxoA9hQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
usermatchredir
ssum-sec.casalemedia.com/ Frame 4979
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87vZINschCiREtxApKNr95iRVeWn6cdUVZDqiUFvUJAUNjPymYDl11rS%2BGAbV611R5VhIbnXnuY%2BVUo6EI%2BTHhQix5nO%2FkfrrEXIlwWFwSeKzgmcNlHVj3aO7d7Hh9KQREWwzHWF6bI%2Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77ecea6aabba9150-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFd0l1TjpToQl2k0QCnDOc4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4979 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 4979 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6eC_6pcwMc0WqeJpHpdkQAABH4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9V50AFGJPNEXTSD5GR3V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4979
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6eC-6pcwMc0WqeJpHpdkQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEzegRjq4ujlrTQ-HNrsolI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEzegRjq4ujlrTQ-HNrsolI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEzegRjq4ujlrTQ-HNrsolI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4979
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3AD6E96DB69647639DFDE4733FA73FF9
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3AD6E96DB69647639DFDE4733FA73FF9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 22:53:53 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=3AD6E96DB69647639DFDE4733FA73FF9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 22:53:53 GMT
crum
dsum-sec.casalemedia.com/ Frame 4979
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 22:53:53 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 4979
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x5bbmREv1P9doR5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x5bbmREv1P9doR5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0f25e10db9e73ae52@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=x5bbmREv1P9doR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4979
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4203139841800031892
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4203139841800031892
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 22:53:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
769ac5ff-0836-4c2b-abcb-c8b9d1ff0865
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4203139841800031892
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4979 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6eC-6pcwMc0WqeJpHpdkQAA%261150
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fdailyjournal.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:53 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1293
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77ecea6acf8b8fd6-FRA
content-length
43
expires
Sun, 25 Dec 2022 22:53:53 GMT
usync.js
eus.rubiconproject.com/ Frame 6984 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 22:53:53 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 03:57:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18203
Connection
keep-alive
Content-Length
10066
Expires
Sun, 25 Dec 2022 03:57:16 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6984 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 6984
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC2JG3N6-1B-7XCH
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC2JG3N6-1B-7XCH
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:54 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 158FF49BD5B04967A928E3AED17971D8 Ref B: FRAEDGE1405 Ref C: 2022-12-24T22:53:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwmsbGyjdrx0h/SColRA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC2JG3N6-1B-7XCH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 6984
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UO2KDYALRluO0zIBIEgGRQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO2KDYALRluO0zIBIEgGRQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO2KDYALRluO0zIBIEgGRQ
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XD0Y28E7TAETB11W0JT8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UO2KDYALRluO0zIBIEgGRQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6984
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VpqSHDaYQxO3c4xeqwdc8Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VpqSHDaYQxO3c4xeqwdc8Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VpqSHDaYQxO3c4xeqwdc8Q
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BMJCM87EG4ZANM0FMRNV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=VpqSHDaYQxO3c4xeqwdc8Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6984
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5NDRkN2RhNDFmNDI4NTYwZGViNGU1N2UxZTA3YTM0OGZiOWM5NA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5NDRkN2RhNDFmNDI4NTYwZGViNGU1N2UxZTA3YTM0OGZiOWM5NA
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ5NDRkN2RhNDFmNDI4NTYwZGViNGU1N2UxZTA3YTM0OGZiOWM5NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6984
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ttbfbmPaFRIDv_BxsYsH6Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dN83zgVE2oIU3NwdI3LRROtsUfPvx3MBxtzbWg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dN83zgVE2oIU3NwdI3LRROtsUfPvx3MBxtzbWg--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 24 Dec 2022 22:53:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dN83zgVE2oIU3NwdI3LRROtsUfPvx3MBxtzbWg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6984
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJE1Umk8cg6rMPOVbbeOLkI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJE1Umk8cg6rMPOVbbeOLkI&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJE1Umk8cg6rMPOVbbeOLkI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6984
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMySkczTjYtMUItN1hDSA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMySkczTjYtMUItN1hDSA==
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMySkczTjYtMUItN1hDSA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 		116 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8NHQMS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460964327bf813606aeb5911dac3440e424079c0385b06952c5057c3ec3649b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 24 Dec 2022 20:34:39 GMT
server
cloudflare
x-amz-request-id
AH86J9ZF3QEGFQ30
age
433
etag
W/"2dabbfba7a2fac93c455490f52153c8d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77ecea6cfb36bb4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pjam4rpDXc4rUReyyFACenpi5q9ZywxqDe/ndU9nW4iuXs2Detwp7vER/2Z44bT1INs1HH1Wa2c=
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
AJ16MF7MV5ZBMEN7
age
276452
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77ecea6d3812911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GjUn9sGzmnRhNV8lWhoQdx1lyEhLjlHIUmNKXDAUup6NHC2n4/1ChMTnKh8cJWO66zj70kVurAo/rk4Z+jFu3A==
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 14:07:39 GMT
content-encoding
gzip
age
549975
x-guploader-uploadid
ADPycdtiz0Cca3cb8vWLls1C1LYM6TDHpsdh8_z0kjiX_CBOzj8oTCecoi_4hrP07XEsBD53qITW74Y0iua7ujt75o2LfA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Mon, 18 Dec 2023 14:07:39 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1431 / 216 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 22:53:54 GMT
liveMatching.php
live.primis.tech/live/ Frame 3694 		0
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D32355F30307D7B7331343235353330327D7B4335377D7B535A47467062486C7162335679626D46734C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=2001%3Aac8%3A20%3A3a00%3A1011%3Ae1ee%3A1be1%3A2418&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=63a782fd18062&debugInfo=14255302_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14255302&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e58yrwjvosgt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:54 GMT
content-encoding
gzip
via
1.1 bcb4a9bca5a3ff00d0520d8a78f560dc.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
G0RFzQJ6NXl7WxRDWVPuEvxK27ktRNOVbTF273TeSXVnxMzO_D6Aeg==
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=573091&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22164c4e8151fd9c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F%22%2C%22domain%22%3A%22dailyjournal.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dailyjournal.net%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%227.13.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F%22%2C%22tmax%22%3A1800%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22ahm_widg_id_6%22%2C%22divId%22%3A%22ahm_widg_id_6%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2222088992cc0f8e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22573091%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F281191609%2Ftrx_aim%2Fdailyjournal.net%22%2C%22gpid%22%3A%22%2F281191609%2Ftrx_aim%2Fdailyjournal.net%23ahm_widg_id_3%22%2C%22tid%22%3A%22a7beed97-14d9-404e-9f4f-3d0755bb7847%22%7D%7D%2C%7B%22id%22%3A%223ec369550f58c8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22573091%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F281191609%2Ftrx_aim%2Fdailyjournal.net%22%2C%22gpid%22%3A%22%2F281191609%2Ftrx_aim%2Fdailyjournal.net%23ahm_widg_id_6%22%2C%22tid%22%3A%22fa83488c-b4e5-4149-a318-eadd1c2c0015%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200017%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee5392e9979890747d247544d178fa47eee37049897b0619217e0fe29aea677

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaWZgDS3oXB69c0QIw21eOZoqnidIRs1eDq2bYDvcn7Qmj2XlW0PfHGs%2BlA%2B7%2F2GYgWdth5OV6fQky%2FL4koy7u8vZhrcmeBTk8DGTP7agDXcbv9pMXytUDnD4Bv4ECMrOc7YgCmb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77ecea708b1c9137-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
4ff5fcea215a8777db181983bac734b59ddd13eec0ee35d57f6270851e3751d7

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 22:53:54 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://dailyjournal.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
trinity.json
apex.go.sonobi.com/ 		839 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228ebb87e55320c5%22%3A%22067f98f6d5e9ba007a9e%7C300x250%7Cgpid%3D%2F281191609%2C1052426%2Ftrx_aim%2Fdailyjournal.net%2Cc%3Dd%2C%22%2C%229506326bdce3fd%22%3A%22067f98f6d5e9ba007a9e%7C300x250%7Cgpid%3D%2F281191609%2C1052426%2Ftrx_aim%2Fdailyjournal.net%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&s=5f718e3c-162a-45fb-8baf-1b80d09c0cf8&pv=4ff28ac2-479f-46df-8937-07c57f7e45d1&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F%22%2C%22domain%22%3A%22dailyjournal.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22dailyjournal.net%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=0&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200017%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
67498fc1e5a04b98b7d845e90f4f1596b7154c4199711f9791163324fa272eac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:55 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-149
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
500
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:54 GMT
AN-X-Request-Uuid
0e7005ff-5902-4b79-bef0-7009fda61bc9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://dailyjournal.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
justapinch-com-d.openx.net/w/1.0/ 		174 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a7beed97-14d9-404e-9f4f-3d0755bb7847%2Cfa83488c-b4e5-4149-a318-eadd1c2c0015&nocache=1671922434642&gdpr_consent=&gdpr=0&schain=1.0%2C1!americanhometownmedia.com%2C00017%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_6&aucs=%2C&auid=544092628%2C544092628
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
91e4e2da6ca9623f3da6e34ed8074d94a9e3292808bb229a188c9ef5ae98832b

Request headers

Referer
https://dailyjournal.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://dailyjournal.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame DEBB 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158432&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dailyjournal.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dailyjournal.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=286285056126034&vrg=2022120501&nw_id=1052426%2C281191609%5C%2C1052426&nslots=7&pub_url=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&sig=0&req=0&req_cnt=2&dm=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		102 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=286285056126034&correlator=3895744741587863&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=281191609%3A1052426%2Ctrx_aim%2Cdailyjournal.net&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=6&adks=401799166%2C401799161&sfv=1-0-40&prev_scp=slotName%3Dldgr1%26pubDom%3Ddailyjournal.net%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr3%26pubDom%3Ddailyjournal.net%26atab%3Dtrue%26frstlk%3Dtrue&eri=1&cust_params=UrlHost%3Ddailyjournal.net%26UrlPath%3D%252F2022%252F12%252F21%252Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%26UrlQuery%3D%26Page%3Dsingle%26Category%3Dbreaking-news%252Clocal-news%26Tag%3Dspotlight&sc=1&cookie=ID%3Dabe5203f1e1d8420%3AT%3D1671922429%3AS%3DALNI_MY1qrFmWn80c55-qn55XawUW-nIZg&gpic=UID%3D00000b980c58e8a4%3AT%3D1671922429%3ART%3D1671922429%3AS%3DALNI_MYjuWMJNEcq01Odx5bdg8jNvdhx2w&abxe=1&dt=1671922435951&lmt=1671922435&dlt=1671922427273&idt=1963&adxs=1010%2C1010&adys=907%2C1665&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F&frm=20&vis=1&psz=324x250%7C324x250&msz=300x-1%7C300x-1&fws=4%2C4&ohw=324%2C324&ga_vid=1552943419.1671922429&ga_sid=1671922429&ga_hid=1234524406&ga_fc=true
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93bae22135c8c7353031efc3a6bd70932e7c675bf9cb8a87f25f379aa68030d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23441
x-xss-protection
0
google-lineitem-id
5527628802,5527628802
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138395964514,138395964487
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dailyjournal.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst15CqXv4GsofgXJygE7fRlEt5MsSoxocFTkm9KXSMy156JRxt6zAoVCofEXx6N4g4wPKLY4EbHmfLMkqni79eK2zzSm5ecaHRsxg7fSqXxkkcniFzZOwIT31Lj00yLBern1st_EHYk6WdSL-gRq1epKvYes49cE77eSXblcrQ4nYU4mfvxSddFh0li1wBJercRo0aTSlXuEKzW1-QeIXAkgJgRDx0dzyKMwAvg_25EebYobU3aR8xxSJRBthO49zygeQPVsNm_5AwKgYz0Y5rPhiuHbV4r_O5gqCbx-YHsQ0kYuVZQCKrEB-M0yuZpGuVzf8GJimnadULag4TNZg&sai=AMfl-YSYDUlbmzIu4W-uZdgDYLMyJ5QkAujiQW0MkZtHpRYaez3opc77AKXP-5tnG3nSIoGsTAA-691tDsnd-6bC2hSyM_qTRCBx6_aLrWEvj_ncphCH1G6QOArHakzC7LYQsw&sig=Cg0ArKJSzJxz34C5CKSNEAE&uach_m=[UACH]&adurl=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 0E81 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
76524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0E81 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
76524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
l
www.google.com/ads/measurement/ Frame 0E81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHynw_C7ISmD4J22QRTCW2xvVov48cW9oF-8309pHyNgQaZcjmI9ljmZ41LvG5WEkgKG5K
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E81 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:56 GMT
5350586979491340751
tpc.googlesyndication.com/simgad/ Frame 0E81 		177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5350586979491340751
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
683c1fac225f4076c77881971ff97d3f80795304eea176b1b3c7545bba5860d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 07:20:12 GMT
x-content-type-options
nosniff
age
228824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181739
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 19:37:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Dec 2023 07:20:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2625 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPKO82eIaXNup8dQhEV6KSuzIHSE2gZWhGx_WnM9H6tmGZsiMAhJWpL1YbYXvSjGppJ-O6MxpIGDnksbkjEdv0srx47b8CB-AiRcdjfi_7B9dd4228qrCrXXXI4yGBbRFtMqD_ff3i1f-un3YJ0B0LyZyRoNkJYAnFl3SyWFmDcPg0A26drtN1z_H0mAcmOt7nd2F92YCOXZI9CWXJbvknoiz30OlDdfRH7Gul4JXjBGcL2XoDoM-1Wm7zyXYvD9HbI0KjqN_tsKy39Hm6kn-4VjjUQDPmnwAxK2wdyQpD36XVZL7RothYZJ67czU4rLMD1u8dDo1rBf4PbUr2rQ&sai=AMfl-YTDQvJ_Q3yOY_eGkSWAurEgW5zlJB5rKU7o6mqCEyVtlgzkTxWuiphuZkalnAWMNP24_PQ9-cirBY2jL-ymgZzMC_eYzeWZJ5Llv6ZKVqUfRKiQ5Nl0tNwHKpLvhxBjow&sig=Cg0ArKJSzIe4Xw0YaKJ2EAE&uach_m=[UACH]&adurl=
Requested by
Host: dailyjournal.net
URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2625 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
76524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2625 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
76524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 01:38:32 GMT
l
www.google.com/ads/measurement/ Frame 2625 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTosepOywQXXpOqhJ_-c2PcikEeHJvegHRvK8hs60m5dAwbE3gbpOw1lSq4jaH6zkN0QylY
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2625 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 22:53:56 GMT
9529826409483527466
tpc.googlesyndication.com/simgad/ Frame 2625 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9529826409483527466
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
253896b857cf31518e9ee0e8bc53d27029850ac4e0d191c1d46e0c081bfa7af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 04:06:49 GMT
x-content-type-options
nosniff
age
413227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135503
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 19:37:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 20 Dec 2023 04:06:49 GMT
truncated
/ Frame 0E81 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2844a7c6a67853acfaa2d1f88b6bf20a5575aff6a43e272e837c3c29d719d84f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2625 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
836daa22dc5e6a9d65983b2319ebd3d54c177ae0069e84138ecbe536933416b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0E81 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukQZ1BfxqbqeBVz70mIt-gOAVkktSol34FKoiggcv7Fv2ZTcrMZ_um3todxFJkyqP3CFjXqsksBpcHJ_7Zi2ERBZw3XGxmns7StovPGDtRLkoNedT1qxbaoqMYR_j9ozCs4uGkmbORGRbM4V9-afx3srONCuq-zH0VXJbEI-asNQJmvXqGJj2zJfvbr3fIC7amZnZY7mDRxWDNh0apczZCzmqqzrfmf62fK2IcZKzTidf4CeegYg1zH5_lF8rqRXwj7gJ2YmuZsHVxySPVnZuGIuBLzVdNVUAasp4gUDmHqL3dak6fhSMtLTXLI7_4yqrg2ZQ0Lm0af809u_8uhWuy&sai=AMfl-YRGx6pUfCRC2pyAi5HRR8VhRj7HMUWSLxFQCacP3xeqzDP18vnkzNQuj3J_8e2Mn0E_MceTfzPHz6vhXupKZUAsFnJJgX1wkUaPP1AICQ2LDZyWOo_RvY2QD6koS9tLUw&sig=Cg0ArKJSzOCDeZ9b7ckgEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2625 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszjs83E05oJ5U8N-B5ThoNQfuMESa-_eSbynGnvr5NceSoNLpc1omHnt3FUF-QVKMSyJbiNoK9tZ1Hjj2DD7CgmbjcfZrQAQFe3mLJJDkI3pByGSgRiuvZ45O8c5yp-TOHE5Tz3RwxoM_im4Gtt4OzzMg6YCHYB6dzeh7iNsqAdDPhGMdJgthon4VJNxUnomtP_KIfktUOWoFXuSuynKCvUkLdMyd8ZLzyeDVTxcnn5KK4k9N4A_uzXV0stS5Rz0qcGN-sT-h8t9Zjyno91zlMxhaeU6iQbYaNr8rBRHg0WdSa-n6GKIzYVa7r2cJF_cd2WPsJWPtE3vOoCGydrDQb&sai=AMfl-YSb-ahHZ7Zo8wO87l-yy5y5EmtBy3169dMn0UClzdCIUkhNUmJ67cWc-pv95No1vjFpzFER3mUyC7cIxS4UsOkRAR2g4tWfs-AFBaUkmRC7dseTB2XhG4EtuCd0bwTuCQ&sig=Cg0ArKJSzLEJhr-SdxzZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 22:53:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 22:53:56 GMT
chunklist_480.m3u8
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		476 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/chunklist_480.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e8a346498329a7c6e2db3c24b4adf9869a7d877f85bdd757cb7a5eda7ed0d7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 16:28:51 GMT
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, VIE50-C1
age
23104
x-cache
Hit from cloudfront
content-length
476
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"e1056631d6f5e2baf22b80ac2883e2c9"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
BR1YImABjKnSGrmupsVE8OYAceVwm_LIs07DhJCUPE6l7K3dp3E8Xw==
expires
Sun, 25 Dec 2022 16:28:51 GMT
w_480_00000.ts
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/w_480_00000.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5146625d12c9a45e5c83f3fdfab8bb25505685d12cd36947811fef096bc4f3c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:44:06 GMT
via
1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1, VIE50-C1
age
119390
x-cache
Hit from cloudfront
content-length
382956
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"e5575643c2f6472733bcb5e264ee54be"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ozw6svfS0bwc7gHWwKisXtqD7xbT-z44K9LY7jBP8AmokBpPC7G-7w==
expires
Fri, 06 Jan 2023 13:44:06 GMT
50e237bc-f38e-44b9-96f9-f4f14387e531
https://dailyjournal.net/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dailyjournal.net/50e237bc-f38e-44b9-96f9-f4f14387e531
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
w_480_00001.ts
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		426 KB
427 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/w_480_00001.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e62009f26ef6ec4fb82c091a7ee2da487e4a139fcb9f2e74fac9a33a4a386f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:44:08 GMT
via
1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1, VIE50-C1
age
119388
x-cache
Hit from cloudfront
content-length
436160
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"7a3b32b4c26eddb752fd9f26987dcc5f"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
eUanyAdKipzQtOMmabdApohL_rLJ9t_5hcNQgGXAtiEJqVz-YOs5Ng==
expires
Fri, 06 Jan 2023 13:44:08 GMT
w_480_00002.ts
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		451 KB
452 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/w_480_00002.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6a4d9f646533101d8c49325178c2a4fa6e3403da3a91a8dda5c72d8f941b3b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:44:09 GMT
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, VIE50-C1
age
119387
x-cache
Hit from cloudfront
content-length
461728
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"cd8e164c0b8d7a1edacae7ed830e66ce"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
JCS0jTqPvXS7P5stqPOPmG964JyRhXyRK6Mo5T4LkUPg_7adwJziUA==
expires
Fri, 06 Jan 2023 13:44:09 GMT
w_480_00003.ts
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		463 KB
464 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/w_480_00003.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ffaa44d2e731cffb3ac261b612acb16be337f40cfd41a88d588a4179abd8449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:44:09 GMT
via
1.1 eec12a22159207af63748eccf10799b2.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1, VIE50-C1
age
119386
x-cache
Hit from cloudfront
content-length
474136
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"d5924f0288ae4528fb6bb4c4e1732231"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
LAXVyDefqW29R_rYXm401D4TNiWVZxfCbzeY3u2xdn2xTw5PRd4w6g==
expires
Fri, 06 Jan 2023 13:44:09 GMT
w_480_00004.ts
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		467 KB
468 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/w_480_00004.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
590532f7e816d6907b74da909463f6ee19242ff835a8c731bb763fc8e675495c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:44:09 GMT
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4, VIE50-C1
age
119386
x-cache
Hit from cloudfront
content-length
478084
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"01f79be433150b0fd79e8807441073a6"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
upo-M9gh51sBZqOH1sgQ-xFEfzR_0exGcK-DKEC4bohHPZf1ZVTWUw==
expires
Fri, 06 Jan 2023 13:44:09 GMT
w_480_00005.ts
video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/ 		446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn13/video/users/hls/22235/video_5df2c67d5a683172725343/vid634efffeab4c3831769035.mp4/w_480_00005.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:e400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0a08ed746b6f50083b43cbcd29c197d10bd230c22de280e37fca41c4be07fa46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:44:10 GMT
via
1.1 acf9ad664f94bee3e3cf93077b65edea.cloudfront.net (CloudFront), 1.1 8041ecf6e768a41bc9c64e0c75dc923c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1, VIE50-C1
age
119386
x-cache
Hit from cloudfront
content-length
456276
last-modified
Tue, 18 Oct 2022 19:47:20 GMT
server
nginx
etag
"936d5104986089410bdef7ce6ef5f699"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-amz-cf-id
eBTITX56fTRfoKGGl9_kNEEB7oKF3OlsGIHlkRsu6B0-wN02pRZyVA==
expires
Fri, 06 Jan 2023 13:44:10 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailyjournal.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:24:53 GMT
x-content-type-options
nosniff
age
271743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:24:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E81 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1FfrSld8PmBdGLqCEVdn80d-3E0mPdFKU1QJ_5fyz_n_cLuWJZ5tyShP7mSHDto3WHqRNWHWgyCPQdp3R_XavM0SZbFYxXA1k-w5DiKB56xPDB-ZT&sig=Cg0ArKJSzIE6Ab2W7oWQEAE&id=lidar2&mcvt=1000&p=907,1010,1157,1310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=401799166&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671922436219&rpt=185&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY3MTxlMwQlOSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAmNwQ3JaN0YT0jJat9MmAjJax9MwUjJaZcZF9jYXNmRG9gYWyhPWRunWk5nz91pz5uoC5hZXQzp3VvSWQ9ZGFcoHydo3VlozFfLz5yqCZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MwAjMSUmQWFwOCUmQTIjJTNBM2EjMCUmQTEjMTEyM0FyMWVyJTNBMWJyMSUmQTI0MTtzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA4LwAhNTM1OS4kMwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmYTp4MzZxMTtjNwIzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwpkOTIlNDM3NDQlJaVcZD1TZWgcozRiU1BfYXyypwYmYTp4MzZxNDBxMzQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGZGFcoHydo3VlozFfLz5yqCUlRwIjMwIyMxYkMvUlRwIkJTJGpG9fnWNyLW5iLWNfZWFlLW1iqGy2ZS1zo3IgZ3JyZW53o29xLXBupzfgoWFfoC1mnG9iqGVlJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2134:4e00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:56 GMT
content-encoding
gzip
via
1.1 8b8626ca944cc316c9f369d8a33098d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP64-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
eD3_RqxCz8n_LLhrEX0ywFl4U6TWd0olAqnXJ0Zv3lJuOerjriNeog==
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELUGhImXiudXqNAALiMtEgQ&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELUGhImXiudXqNAALiMtEgQ&google_cver=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELUGhImXiudXqNAALiMtEgQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 22:53:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8fea49cd-bf4f-46c4-82d8-7791a6503bfe&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VmdxOXd5Z2t6M2dTQlpDdDdLMWlLZw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEPzxou0PzoZjl17cDFdIpV8&google_cver=1
49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEPzxou0PzoZjl17cDFdIpV8&google_cver=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b977cc7b4-8l8mg
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 22:53:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEPzxou0PzoZjl17cDFdIpV8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=0d43f665-1c09-4758-bdc1-9e725f99e5da&google_hm=MGQ0M2Y2NjUtMWMwOS00NzU4LWJkYzEtOWU3MjVmOTllNWRh
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAo6MW_K5z1zaazLlVjefrg&google_cver=1&ssp=sonobi&bsw_param=0d43f665-1c09-4758-bdc1-9e725f99e5da
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=0d43f665-1c09-4758-bdc1-9e725f99e5da
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=0d43f665-1c09-4758-bdc1-9e725f99e5da
Protocol
HTTP/1.1
Server
69.166.1.10 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:58 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-182
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=0d43f665-1c09-4758-bdc1-9e725f99e5da
date
Sat, 24 Dec 2022 22:53:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=991b63a7-82ff-4b00-a6c7-245c934cbce9
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=991b63a7-82ff-4b00-a6c7-245c934cbce9
Protocol
HTTP/1.1
Server
69.166.1.10 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:58 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-152
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 24 Dec 2022 22:53:58 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=991b63a7-82ff-4b00-a6c7-245c934cbce9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 22:53:57 GMT
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=573091&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH3cU7HTwYAACERpKCQjQ&expiration=1673132038&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH3cU7HTwYAACERpKCQjQ&expiration=1673132038&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAH3cU7HTwYAACERpKCQjQ&expiration=1673132038&gdpr=0
Date
Sat, 24 Dec 2022 22:53:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523545131206
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523545131206
Protocol
HTTP/1.1
Server
69.166.1.10 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailyjournal.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 22:53:58 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-16
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5133329523545131206
Date
Sat, 24 Dec 2022 22:53:58 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.therepublic.com
URL
https://www.therepublic.com/wp-content/plugins/aim_seo_smo/cache/addthis_widget.js
Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2209298679&i4=217.64.151.32&e=&p=&r=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F

Verdicts & Comments Add Verdict or Comment

276 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery object| twemoji object| wp object| MG2Loader object| MG2Loader_options object| tdb_globals object| tdwGlobal object| tdaGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| mg2WidgetAPI number| _sf_startpt object| block_tdi_5 number| sec object| LiqwidVars object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| webpackJsonpCSW function| setImmediate function| clearImmediate object| civicscience function| jsonp_1671922428853_20606 object| dataLayer number| cbuster string| puburl string| placeId string| templateId string| contentId string| sURL object| d string| s object| sParent object| sPlayer function| myWidget object| _sf_async_config function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| addComment undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| dfw object| googletag function| gtag number| tdi_2_nr_of_slides number| tdi_3_nr_of_slides object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| __amctstart object| Liqwid function| LIQWID_demand function| LW_cl function| postscribe object| google_tag_manager_external object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent668 undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| el string| _e function| loadLpb object| Lpbjs object| PWT object| __ctcg_65349_0_exec object| appInsights object| owpbjsChunk object| owpbjs string| partnerName string| key object| LpbjsChunk object| _LpbjsGlobals object| mnet string| st object| freewheelssp_cache object| AI object| Microsoft function| __extends function| _endsWith object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| MG2DL function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners number| _sf_endpt object| GoogleGcLKhOms object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_image_requests object| ats string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId string| ahm_sChain string| ahm_sURL boolean| ahm_tvx_oldLoaded number| ahm_spx string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| confiant function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart object| ahmpbChunk number| ahm_stacktime

128 Cookies

Domain/Path Name / Value
.mrgunsngear.org/ Name: _bit
Value: mbomRK-f8a9ecc4d4666a962f-00Y
.dailyjournal.net/ Name: LVG
Value: 3fc9b381-d234-43b7-bb7a-927431c2632f
.dailyjournal.net/ Name: liqwid
Value:
.dailyjournal.net/ Name: _ga
Value: GA1.2.1552943419.1671922429
.dailyjournal.net/ Name: _gid
Value: GA1.2.1848441940.1671922429
.dailyjournal.net/ Name: _gat_gtag_UA_4866548_1
Value: 1
dailyjournal.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.dailyjournal.net/ Name: __gads
Value: ID=abe5203f1e1d8420:T=1671922429:S=ALNI_MY1qrFmWn80c55-qn55XawUW-nIZg
.dailyjournal.net/ Name: __gpi
Value: UID=00000b980c58e8a4:T=1671922429:RT=1671922429:S=ALNI_MYjuWMJNEcq01Odx5bdg8jNvdhx2w
.doubleclick.net/ Name: IDE
Value: AHWqTUlu292eEAzPgAZN57mWwr8wcvPiROTsL6RmmCHv3U9SZ6wflDMjXzNlha2xSJE
.ads.stickyadstv.com/ Name: UID
Value: 549012f8ba2f8c5a156cd3ed5ce227
.dailyjournal.net/ Name: _pubcid
Value: 1b93c3d5-24e0-4735-8213-cd01b29401fd
dailyjournal.net/ Name: _Lpbjs_userid_consent_data
Value: 3524755945110770
dailyjournal.net/ Name: ai_user
Value: KB6E3|2022-12-24T22:53:50.255Z
.prebid.a-mo.net/ Name: __amc
Value: 1_1671922430_1671922430
.rubiconproject.com/ Name: khaos
Value: LC2JG3N6-1B-7XCH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpAbF6G5h4UUCAkF7RiBdb4AgvEG2sPPZrw0zLiRRUt4bsIg4eZsQqeY8NiqKrXF+n2u7CJeNVns+BxGCOXoSK1LC1OeFSBre/c6UO785F0Pw==
.dailyjournal.net/ Name: anonDeviceId
Value: d203a9ecf2fa02d1217f28c964192c25
dailyjournal.net/ Name: OX_plg
Value: pm
.dailyjournal.net/ Name: _gat_UA-206376083-1
Value: 1
dailyjournal.net/ Name: ai_session
Value: TT3LY|1671922431058.6|1671922431058.6
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%223D974D92-6F49-4D92-86E5-5CAD6C8C4EC3%22%7D
.casalemedia.com/ Name: CMID
Value: Y6eC-6pcwMc0WqeJpHpdkQAA
.casalemedia.com/ Name: CMPS
Value: 1150
.casalemedia.com/ Name: CMPRO
Value: 1150
.doubleclick.net/ Name: DSID
Value: NO_DATA
.de17a.com/ Name: guid
Value: 1.6332161526117260734
.turn.com/ Name: uid
Value: 9077043743129357630
dailyjournal.net/ Name: _lr_retry_request
Value: true
dailyjournal.net/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: c
Value: 1671922431
.bidswitch.net/ Name: tuuid_lu
Value: 1671922431
.bidswitch.net/ Name: tuuid
Value: 0d43f665-1c09-4758-bdc1-9e725f99e5da
.bidswitch.net/ Name: google_push
Value: AavPq0Or_WJkZjxZDji_3rMSTk2cM_vZsXWL3ujLn8ZueUK_ZsfWJErO10XJ_2HD39J6WHDuX5nqOuo7-ZFqnSQWUyn3iqKTQDxNFQI_
dailyjournal.net/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-24T22%3A53%3A51%22%7D
dailyjournal.net/ Name: pbjs-unifiedid_last
Value: Sat%2C%2024%20Dec%202022%2022%3A53%3A51%20GMT
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 59D38E8A-0F0E-4576-A27D-A47E58057D2B
.fwmrm.net/ Name: _uid
Value: "v2e3f_7180852162594343964"
.quantserve.com/ Name: d
Value: EJYBCwHxJ_ijAA
.quantserve.com/ Name: mc
Value: 63a782ff-8f062-105f4-af831
.adfarm1.adition.com/ Name: UserID1
Value: 7180852162609150106
.weborama.fr/ Name: AFFICHE_W
Value: SZyw5jTez8FJ85
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: v2e3f_7180852162594343964
.ads.stickyadstv.com/ Name: MRM_UID
Value: v2e3f_7180852162594343964
.adnxs.com/ Name: uuid2
Value: 4203139841800031892
.zeotap.com/ Name: zc
Value: f4be2af5-ce68-4186-6b45-c5b099a7dd4b
.rqtrk.eu/ Name: browser_id
Value: 1:282122fd-8cc6-42e2-b24d-c6023aac6aed
.simpli.fi/ Name: suid
Value: 3AD6E96DB69647639DFDE4733FA73FF9
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c7991929-ecc8-4088-8117-5669695f25fc-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3AQMFDiGq6Z6SpBes88cWxY3JSBFj578bS.8DPaQA7HBlzu2hGEd1PX9JnN7F0ASkb10nH5Xw%2FpCuI
.adsby.bidtheatre.com/ Name: __kuid
Value: ca095a38-6150-4be9-854d-c90e33e817d3.441136431
.adform.net/ Name: C
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 592fcadd-7b9a-4f4c-bfbd-df659c18a315
.adform.net/ Name: uid
Value: 6829081943877337663
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7180852162609150106&KRTB&23278-7180852162609150106&KRTB&23369-7180852162609150106
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-0d43f665-1c09-4758-bdc1-9e725f99e5da
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4203139841800031892&KRTB&23339-4203139841800031892
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9077043743129357630&KRTB&23150-9077043743129357630
.onaudience.com/ Name: cookie
Value: 110a19310ec5d810
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h&KRTB&19420-YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h&KRTB&22979-YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h&KRTB&23403-YS0GL28sAX56JgEoYSxKKWcrASx6fwEgZC8xDo-h
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6332161526117260734
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIVkHDDQXiGEjM97RwKndfk&KRTB&16514-CAESEIVkHDDQXiGEjM97RwKndfk&KRTB&23025-CAESEIVkHDDQXiGEjM97RwKndfk&KRTB&23386-CAESEIVkHDDQXiGEjM97RwKndfk
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6eC-wAGe4K50QAZ
.bidr.io/ Name: bito
Value: AAH3cU7HTwYAACERpKCQjQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6829081943877337663&KRTB&23263-6829081943877337663
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y6eC-wAGe4K50QAZ&KRTB&22978-Y6eC-wAGe4K50QAZ&KRTB&23194-Y6eC-wAGe4K50QAZ&KRTB&23209-Y6eC-wAGe4K50QAZ
.amazon-adsystem.com/ Name: ad-id
Value: Az_tZ7HlyksYnxRaNaYXPzs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tribalfusion.com/ Name: ANON_ID
Value: aUnseFON6Jf8ZbUxrbOFYEocZavIBY1mBFZcndsnUQEUHTZcrFQONHTsmkqhEuLSGZaCfQR3dZbrPHHlVrBu5ZbOh7b
.mathtag.com/ Name: uuid
Value: 991b63a7-82ff-4b00-a6c7-245c934cbce9
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&KRTB&16736-uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&KRTB&23019-uid:991b63a7-82ff-4b00-a6c7-245c934cbce9&KRTB&23208-uid:991b63a7-82ff-4b00-a6c7-245c934cbce9
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dd939e8c-28ac-4931-49d0-0790f184eb50.uXzntVJSywkAXxCVJR15n56eD7pcH8Sbpdbe14eDTK4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A3ZOejCisSTFJ0AeQ8YTrUNlAlyA.5kx8ELP%2F9CBpN7iJVL33enPZbnc1E3jctleNVUZcTKs
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-3ZOejCisSTFJ0AeQ8YTrUNlAlyA&KRTB&23334-3ZOejCisSTFJ0AeQ8YTrUNlAlyA&KRTB&23417-3ZOejCisSTFJ0AeQ8YTrUNlAlyA&KRTB&23426-3ZOejCisSTFJ0AeQ8YTrUNlAlyA
.yahoo.com/ Name: A3
Value: d=AQABBACDp2MCENw9puVMiHZIykpEJjk9Vr4FEgEBAQHUqGOxYwAAAAAA_eMAAA&S=AQAAAqF8UZfbdFvk45WGxtxzxYw
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~291a
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6ccfad67e110630c
.dailyjournal.net/ Name: nxt_upd_ac_DJ_DJPRODDEFAULT_PROD
Value: 1
.smartadserver.com/ Name: pid
Value: 4808890107944590772
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAH3cU7HTwYAACERpKCQjQ
.dailyjournal.net/ Name: nxt_DJ_DJPRODDEFAULT_PROD
Value: {%221%22:{%22100032%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222022-12-24T22:53:52.386Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:100032}}
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAH3cU7HTwYAACERpKCQjQ
.dailyjournal.net/ Name: _cb
Value: DGaEzWDP7KA1D0ui7O
.dailyjournal.net/ Name: _chartbeat2
Value: .1671922432635.1671922432635.1.TlsxoCPAK4dCVZr9figPbpCquMRL.1
.dailyjournal.net/ Name: _cb_svref
Value: null
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158432:3
.pubmatic.com/ Name: DPSync3
Value: 1673049600%3A226_221_219_201_227_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1673049600%3A88_81_21_214_54_71_22_8_243_99_13_7_233_56_3_55_166_254_251_238_204_176_220_161_234_165%7C1672444800%3A223_15_2%7C1672704000%3A63%7C1673136000%3A35%7C1677024000%3A69%7C1674432000%3A203
.ctnsnet.com/ Name: cid_f12c4dffa187418291552b8d49446d5c
Value: 1
dailyjournal.net/ Name: _lr_geo_location
Value: DE
.fiftyt.com/ Name: fifid
Value: c3c68bad-af3f-4d1c-6669-473c196623d7
.fiftyt.com/ Name: cs
Value: MTY3MTkyMjQzM3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMrMOBYJvDQbZMoxE-_M7jkXxV5BPs8ckX9-5AWurDRW
.onaudience.com/ Name: done_redirects147
Value: 1
.fiftyt.com/ Name: fppm
Value: 20221224225353
.w55c.net/ Name: wfivefivec
Value: x5bbmREv1P9doR5
.w55c.net/ Name: matchcasale
Value: 5
.audrte.com/ Name: arcki2
Value: iebsb-W2-fYTUqFmZMrqf2CrA!20220908!1671922434005!ip#217.64.151.32
.audrte.com/ Name: arcki2_pubmatic
Value: 59D38E8A-0F0E-4576-A27D-A47E58057D2B!20220908!1671922434009
.semasio.net/ Name: SEUNCY
Value: A800CC27B09109EF
.gammaplatform.com/ Name: _aGeoIp
Value: MY|Shah_Alam
.gammaplatform.com/ Name: _aUID
Value: 28w7cq352qfl
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-28w7cq352qfl&KRTB&23446-28w7cq352qfl
.pubmatic.com/ Name: PugT
Value: 1671922434
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8a06640a-6a7c-41e3-8c74-5f288f5f7d97"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzE5MjI0MzQ7MjswMjGVML3OM8YaZuOJ17FiVJGzz7tQd2Bhf8v9omxf4/I8gA==
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2860:u=1:x=1:i=1671922434:t=1672008834:v=2:sig=AQHtajQOtySglj7U-39ycQi-rtfE_5td"
.lijit.com/ Name: ljt_reader
Value: F3zdsBZH41xS4lCsRVePnMLQ
.openx.net/ Name: i
Value: eddd0c3e-717c-0d7a-0ce0-9bb9c92e91e4|1671922434
.go.sonobi.com/ Name: __uis
Value: 8fea49cd-bf4f-46c4-82d8-7791a6503bfe
.go.sonobi.com/ Name: _usd_dailyjournal.net
Value: 4ff28ac2-479f-46df-8937-07c57f7e45d1
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s85149|Y6eDB
.pubmatic.com/ Name: SPugT
Value: 1671922434
.openx.net/ Name: pd
Value: v2|1671922438|gu
.casalemedia.com/ Name: CMTS
Value: 1156
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY1AbINjQzMhPgMdTMq8qPKPJM9AqsqigCvDoabJQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY1AbINjQzMhPgMdTMq8qPKPJM9AqsqigCvDoabJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slymtoZm5oaWRkYmxhamICANDHA7oQAAAA

7 Console Messages

Source Level URL
Text
network error URL: https://www.therepublic.com/wp-content/plugins/aim_seo_smo/cache/addthis_widget.js#pubid=ra-51f7f52e7f584b8b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=59D38E8A-0F0E-4576-A27D-A47E58057D2B&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=110a19310ec5d810/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbbagbRYbanjVQSba
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://dailyjournal.net/2022/12/21/police-no-clear-motive-for-greenwood-park-mall-shooter/
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2209298679&i4=217.64.151.32&e=&p=&r=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F' from origin 'https://dailyjournal.net' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2209298679&i4=217.64.151.32&e=&p=&r=https%3A%2F%2Fdailyjournal.net%2F2022%2F12%2F21%2Fpolice-no-clear-motive-for-greenwood-park-mall-shooter%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tribtown.com/wp-content/plugins/aim_seo_smo/cache/chartbeat.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api-mg2.db-ip.com
api.rlcdn.com
ats.rlcdn.com
aud.pubmatic.com
az416426.vo.msecnd.net
b61232741d6503ca127896f5a9d5120b.safeframe.googlesyndication.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.confiant-integrations.net
cdn.czx5eyk0exbhwp43ya.biz
cdn.godiciardstia.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.mircheigeshoa.com
cdn.pranmcpkx.com
cdn.wgchrrammzv.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d2zqfs55y95cft.cloudfront.net
d5p.de17a.com
dailyjournal.net
dc.services.visualstudio.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
get.civicscience.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
japfg-trending-content.appspot.com
js-sec.indexww.com
justapinch-com-d.openx.net
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
liqwid-d.openx.net
liqwid.net
live.primis.tech
live.sekindo.com
loader-cdn.azureedge.net
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mcdp-nydc1.outbrain.com
mrgunsngear.org
mv.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
p.rfihub.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod-aim-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rock.defybrick.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tribtown.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
visitor.fiftyt.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws.rqtrk.eu
www.americanhometownmedia.com
www.civicscience.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
www.therepublic.com
www.tribtown.com
x.bidswitch.net
fid.agkn.com
www.therepublic.com
104.18.33.19
104.26.4.15
13.225.78.116
13.69.106.215
13.85.16.224
130.211.10.17
141.94.170.77
141.94.171.215
141.95.171.139
141.95.97.231
142.250.180.226
143.204.89.32
147.75.85.234
148.66.196.157
15.197.193.217
151.101.66.49
162.19.138.119
162.19.80.92
172.64.151.162
172.64.154.237
178.250.0.163
178.62.202.251
18.197.255.208
184.51.8.30
185.29.134.248
185.64.189.110
185.64.189.229
185.64.190.77
185.64.190.80
185.80.39.216
185.86.137.107
185.86.139.106
193.0.160.128
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
199.232.18.132
2.18.36.193
2.18.37.67
2.18.79.136
20.13.96.71
20.60.62.4
2001:678:cb4:bbbb::11
213.155.156.180
213.19.147.45
216.52.2.19
23.23.131.203
23.62.221.169
23.64.52.128
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2057:8400:1a:ba5c:3900:93a1
2600:9000:2057:cc00:18:1fcd:351:7bc1
2600:9000:206e:e400:1:6448:6d00:93a1
2600:9000:2134:4400:1a:5235:f980:93a1
2600:9000:2134:4e00:1a:5235:f980:93a1
2600:9000:223f:4600:f:c7b3:ce40:93a1
2602:803:c003:200::31
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:1857
2606:4700:20::681a:171
2606:4700:20::ac43:49cc
2606:4700::6812:116b
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400d:802::2002
2a00:1450:400d:805::2002
2a00:1450:400d:806::2001
2a00:1450:400d:806::200e
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::2014
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2008
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::485
2a04:4e42:a00::282
2a05:d018:d29:3602:f84d:3d72:727e:650c
3.123.245.15
3.126.56.137
3.226.30.185
3.69.181.174
34.102.253.54
34.107.148.139
34.111.129.221
34.111.131.239
34.120.133.55
34.120.58.62
34.200.172.80
34.252.235.208
34.98.64.218
35.186.193.173
35.190.0.66
35.201.96.126
35.204.74.118
35.214.223.115
37.157.6.233
37.252.171.21
37.252.171.52
44.195.176.242
5.161.47.120
52.212.224.242
52.220.229.2
52.46.130.91
52.95.125.22
54.231.228.41
54.80.38.94
64.202.112.63
65.9.71.118
67.199.248.12
69.166.1.10
69.166.1.8
69.173.144.138
69.173.144.139
72.251.241.206
77.243.60.138
85.114.159.118
98.98.134.242
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
010f56ce01aeb2445f255a4a7bcd8c85deefdc5e832cc56f1184f5cf9ba26de4
01d97bed95d5b5dbdf2c2f8425fa750b22360df87c9a35a5b999743d03c088e5
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
03f6af12c8a6f9375359cbe692257b12edd256f4d6022440b15b3faef3a25ebb
04c890757507814058ae8a741acc075e24d1c0f22f4cf7ae0e5d9583a71bf2cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0897b7f874ba8ce4cce86610dd2645fad001172555b89e435391901648ad6a64
092804d065eee9d096bea623a228ce7fe27d7791cd9f50f2d3faa63b1c54668a
0965777f72ee28513a5d5b95fd0b9d3e3add57ca9808eff243a57d5938beed3d
099f7bd7eeecadbaac06271857ca7ed29a0c4ab338b7ec6bc89170c506f4629d
0a08ed746b6f50083b43cbcd29c197d10bd230c22de280e37fca41c4be07fa46
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bac6c979e8502e6e90a4ab806d32724674f86f26deb1b9626a1be94282bc1ff
0bc591b3b162cd6bf2d4e1d6df70a2f6abff089e33d351cda28eb869abdae0b6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0ffaa44d2e731cffb3ac261b612acb16be337f40cfd41a88d588a4179abd8449
10ad0b3f5cb38dd38efaae7ca5c57e749a1de1cceca0ec7c624fe7694c3165f3
11415d735a81423f47f921a629df017d964a84a349d6a32d88573a09312af3b8
11608d595e1e992c321623c6e3f96a1b699e68931ad0ec04188558bf15953937
130ba376473d5d739d0b0ac0f0daa9a16a8388bba60924cb546b1dde75353443
141091d2a8335f255b1600fca57ee9409b3790376ac5b9b84158003e08bd897b
145b9300585410515634beeb62db5dc6012333eea0bd15f9366664d23c69ed90
15295fb4d15e6b05b37edadd3d0ad09bc2a5b663d98c3e25dd14cf314b70c7d6
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
174923f7eb9793790997c78f0bbc127f6166d8f4916a425d3c4f090645863077
17b16ac1a43668313022fbbe42a11009c3a30d34b667fd63925fdb3ce00eca8d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e8420aa229279ff8a089ceea7fce8f38b564b4a4e76bc42db020656f096d27
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19f9682fb20961e6072884fa425f6bcedb11d8f1713672c1d8383d1f0c4f70ab
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1a9b46dafb8ee21b9831d68bfd9b1976637afe4774cd7f866a295ce0c872d3b0
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1dfe65de29e23943f85f21fd00d8f5e1037d14fb466bf1abe540128f93c0f5c3
1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1f0b3805ae7450b7f469a3ad8c3a1e5307a1b83c927544b120ff0b6806ce14ac
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
21f736a7540c73bb779c6d39ae434b8828da1351b09d0faf77072a461d90cf16
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
253896b857cf31518e9ee0e8bc53d27029850ac4e0d191c1d46e0c081bfa7af4
25692ae2b409da991755db64d75d32a4f633da2fd6091b0b6972478207423278
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940
2844a7c6a67853acfaa2d1f88b6bf20a5575aff6a43e272e837c3c29d719d84f
28fe630177ad7879c4692819037371b0ee31a4aa938bd53d5101a615095c7246
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
297f9ba17399952c1c714755f4e3a2b00b4ca7a911cf24533c26a3039b323700
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f70799716ae4c1a547b233a3c01bf95e07baad68fc8575d1a7dee2854345eed
30f71e543fbec3805b71bf345b1461869fc64c7c8d862af695db901399e81fe2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3458b5bb1853a2a737cca25ea5a146047b091cd06cce10443dd8b58de68a518f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3803509a0eafaa28315014fb655482e39fd314d4eb6ab2721c4ede11ddf5b93e
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a085de908ce66364c5621ca806c22a80eabddd6fbf26ae0223cb1b265669c21
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee5392e9979890747d247544d178fa47eee37049897b0619217e0fe29aea677
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c3925299095c7aa43f759bdf6a79f8ab8130b48d12315379aefa9e3675387f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1d9a531190cab9066ea2d50e72772e5764b627d60708e4a79b43ee998966b9
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ff5fcea215a8777db181983bac734b59ddd13eec0ee35d57f6270851e3751d7
5146625d12c9a45e5c83f3fdfab8bb25505685d12cd36947811fef096bc4f3c9
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52aa6f281fccce6611fffce416a92383e9932e8191f6e54d116b6d4cb8639dc1
53ade5631caa41f2b8b8fdf2a1864845bc61334d652a0950b48e047e43275fb5
55880fab2ee68a999f2e8c148dc8f5bec0097774e59ed3f84db5258323eab1c2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b762d39ce985a90768f7cc9ead14ff328f23cbb446447412960a99a39824d2
55f82d37f8739af265a3bb15d779c42e08c1aaf85142d2e77b8e0a9255c15d5e
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
590532f7e816d6907b74da909463f6ee19242ff835a8c731bb763fc8e675495c
599b77f7e454d732e9a9a4d7d37d74dd865c9e5c72d9742603ab2a96a39dd7b2
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c11c94ece28dad27d012873c122955445f4d43a490eb8dfa60b749f8c44fbf9
5d3c1999b25460e0b6614228fb8dc3bc750eb9fa833dd74d6adffa3cd1b4e57d
5db751d6d8ca9a4e84cdacdce89beedafb090e9a34beaa97f2e84b55f0191825
5edbdaf814c83fcc7890b11d3b240a8b527cb38b05eee7bc7202a5bb44f0d702
604bec16dd716734f9eba46afae7d50910397838d46784c95133182052261922
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
66a591e6ad8c4120a0d3072f2d5b2737431b1e2a3de9d47252c4107075256338
67498fc1e5a04b98b7d845e90f4f1596b7154c4199711f9791163324fa272eac
678ba3b30abc8363927f1f706435fb1502722a2525007767d05b1b5a8652f13e
683c1fac225f4076c77881971ff97d3f80795304eea176b1b3c7545bba5860d0
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9
698d1eaf6958f37f651e6705e8c7d78c346ffffd8d85bc24cc4fad8e89a3fc42
6a4d9f646533101d8c49325178c2a4fa6e3403da3a91a8dda5c72d8f941b3b39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1ea3901720c319eb77062e54e6ca9718b9eca922c0b58df10b721220d30b91
720baa9eff8805410ccd9c890c2824dcf2cddd6c71b3c83247e109781447ff61
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
779906354e887f593f6cdb80152929ddd4aa89be073c3eecb5838b280410b60f
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fa663756a880403dff9b066a41b0f5860805cf4067a83e43c04e32e5515e7e5
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836daa22dc5e6a9d65983b2319ebd3d54c177ae0069e84138ecbe536933416b4
84e63f1e22257b913359f37eb2f64a6c854702e02abe1801e878690690a9a0c9
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88691bf845e16996e3f7b84115a98cdd4c0e362d059f9241f33b3cf2e1297eb6
8b26f68473dc7cb519d4da644dc50fb9660a56fc04bc4898a560e6d47fc69852
8b542c16e4d890cec65d4b8ee77a2d53e4619141e49bad939b9192c88376ace6
8cd5ed2ca8233efd3d053543035ebc39e1052a2043a670b7520c15a5e87710af
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d71bbcce819227735147ca5d04ab942e0e7f4ddad258438d44d47389fc9377f
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fae9fc740319880c3e4679da072da47e459f25538aa18a1ea2b6f5631b2c751
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
91e4e2da6ca9623f3da6e34ed8074d94a9e3292808bb229a188c9ef5ae98832b
923d4d99322d6f9a2facf7f5b0ef84fd60b78ad8bbe9a661cdf96fbaa452be84
93bae22135c8c7353031efc3a6bd70932e7c675bf9cb8a87f25f379aa68030d6
9584a57e58e13971e1737272fdf3b9d0267e8c36d641aefbd954542ca726ea65
962851f7ec17c7dce6050a28782ce6c8cd01e65a2b3c0be3fed863a054fa9c71
97857a2708957d832eb488968ea0321a344203f717a9fc1ecaa749bc0558401d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9978410e404c2f058fe25e4d4a70899c7a817bc0b86eddb39d97e827038aa770
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2115892cd71c30e309773b80fc3515b0d3e492311d02378280beb456097c4e
9c33ae8cab8987ee8893e77198bec2a0cca5a780a6f44a9cfb4c992db0332e3f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9da6a0ee53393e3720f5b9f542f1bb3dc40750b5e26ea3a6cac1015116624c77
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3f9f1591709ab5661fa3815c6c8ce76fdc7a636fb86178b7101ccd7ca3c0191
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4caa1c1c23199b413a9928be0eee9401ad9f9eb666e82c61e65ddfc0c716b3a
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
a7d3d8d999842caaafb220f354faaf24ba4cea98cc890ba60b43d557afa21481
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9c954755821e73e18bd2ebf2f8e74ed6096804a1e3263e20ddf2503ec276229
adbf5a09596466540d860653fd54fdd745f8be9bdb2f134c8581ccf294be6490
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3753c0930ae2656babda0fbbaa6ad9aa2160391b885216de0b4c9e0f09691e3
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b460964327bf813606aeb5911dac3440e424079c0385b06952c5057c3ec3649b
b4aa0f1468d110c0a34265257aa43a389b345f7306137927eac600da913b7801
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b5aa4d38c4c23fb29b07d54a09be94d5511c08ed6da8031cd05f7dfd8af6f852
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5dee9094d9f8d512b266964054a2363853fa1755c46b9670cd0e13cc8e89fdc
b671b8363ab11f29ac6202d86af887f6344ef364c540011403517403b074edfa
b6838e34f793cc1bd269c046eade166c6b7a79f0489b422a25c86cf03474cfbe
b814f0a38089e65792d81ebebe5cf291889513b3b83251d12888038fec77c389
baf8ffd38c58c3be5c3a14a82abd966fb4e5551288ab5ee6a88f957bbbc90d2a
bb551cb5754cae5082cd484e67752944c2e8b70fbc5efae9c8ab2aa7e1306034
bbadade78bce077b4584a5e8d9812cd262df9990c1b8fa7294b86e88c297b5be
bbb6d0e3d80d7ae9d60e692a94510c5b7601ff8113d71a82fce3ac3ca134fbd9
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c1064c1f43b7ee7e1d3e1a197c3c73c676cda3c4cf14f53e076990d3c98fdd76
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c309a67511f28109c762621629f323ffcde8099d90feeb5ae021d5b3987c5961
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
ca2bf2af3e1dbd0bac81699935d8c3ee8ba994087c096d5ae209af935cb5a19a
caa60c909b4ad7987872b6a5a7e780eb3d21e623fce972b19fffc59dda8ddf65
cb80ac962aa35c6ed8a82398beeae25d6fc9e23088bc5949d43a81f0c3c129ba
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf3086950271737a4081f32de51d04972cc659647945f5e14451ce5162318070
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1482702b986acead4a107ccc65764a34595828a8a590cbde327751dec9f5e3f
d282a30580fe5e3e1a0f765672eb7981b726e6d492e64ded067a2539af376738
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d863a47b3033692aa415151ecf5350f2c83ddbc984cac07e774df97ccddc0975
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db1dceab64bfba39c5e79ce3f1edd294914a7277f4eb333c6c2ccbd8d132bee0
db681824fa52e7aa7789e086d6ba9c7f2fec98b054ef0ca89c02977aa6611eab
dbc846c4a0286ad836c775780c85f5d0ddcda6b94dc9545f8d1ad05fa350801f
e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2f5f759ee35231a107b5ab90a9fcb7d75f2235c4c5e1e9e19292a3531d3435a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bba5e1a819b31a4f729797c0e09a73b78c3dafbd1287e88a6e90e705e7a635
e61d7c572053394661184efac116f2f41ad6325f1180387ddcbab646a0025bd1
e62009f26ef6ec4fb82c091a7ee2da487e4a139fcb9f2e74fac9a33a4a386f56
e635c523ba1390dc7deea50d4bb766f83be24fd4d22943c9fd1c8ac0c9f3266c
e772353c8acaaa7d27cc46aea6edda76434b9d17452bd2f5df7c212bcaa346c0
e8a346498329a7c6e2db3c24b4adf9869a7d877f85bdd757cb7a5eda7ed0d7df
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ebdc76da6a400031db745c82b73a3ee53065265545267e5b7b73d87d4410564d
ee2e9e7563eeef5072d61733a1aa15ec8309ffe3e9bcddcc77a33f75194be4c9
eedcf6cf1ce6696a1dd8f00f8c017c326dcdee28aebf8ce80201ca0e07dfea98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96
f49f437125677bf25a1b318d83f84152ee5b72fbf5cd4bc7ceca8c82d581da8f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8c5e1611f7a635693f2aec2d6ec517077d01e23333f7a9cd3c6b7cec5387187
f91c94e6e337e7c7648a0f1446b6c8d8793a7caf071c97428aea8417c3c59237
f91f7d9c4de52ec1084e1f06b5043dd2d60da1a67b32bb90002357e3687ce224
f9df32106edf1999a1c86c9b9ad48982c6bb443120e9d5fecc0d5f59cc4daae8
fd9330bdfa4183f0a88db34eb51f5b6b382412256d39ffa237e25efc02385c7d